Since the launch of Pix, carried out by the Central Bank in 2020, this electronic payment tool has seen a constant increase in its use.
As a consequence of this growth, we observed a corresponding increase in the number of scams involving Pix transactions.
see more
Where to invest R$10,000 with Selic at 12.75%? See THESE directions
Vibrio vulnificus: bacteria that is leaving a DEADLY trail across the…
Especially in the first half of 2023, and since the end of 2022, banking trojans have emerged as a persistent threat to customers of Brazilian financial institutions that use the Pix.
An even more recent form of scam has the ability to “divert” transactions carried out through the Pix. These scams are carried out by banking trojans, known as “Trojan horses”.
This is, therefore, one of the most common types of malicious programs found on the internet. These findings are the result of research conducted by Apura, a cybersecurity company operating in Brazil and Latin America.
What has Apura already identified?
To date, Apura has identified six different “families” of malware or viruses that target transactions carried out through Pix.
In this fraud scenario, individuals using smartphones with the Android operating system are the main targets, according to the company's findings.
Through these harmful applications, cybercriminals have the ability to redirect transactions carried out through Pix, resulting in the theft of funds.
These malicious programs include PixStealer (as well as its variant known as MalRhino), BrazKing, PixPirate, BrasDex, GoatRAT and PixBankBot.
To spread the virus to victims' mobile devices, hackers employ a strategy known as social engineering.
This approach involves persuading the victim to install the virus voluntarily, making them many Sometimes believe that you are interacting with legitimate channels of large companies and institutions banking.
Another common tactic involves offering prizes and participating in sweepstakes as bait to induce the virus to install.
Upon successful infection of the victim's device, the malware grants the criminal the ability to intercept user interaction with the application and modify the parameters of transactions carried out by Pix.
This results in the complete transfer of the balance to accounts linked to intermediaries, popularly known as oranges.
Finally, to avoid detection, the malware overlays fake screens over the interface of the victim's device, with the aim of hiding the scam in progress.
How to protect yourself?
To protect yourself against the actions of these digital criminals, never download applications or other files from dubious sources.
Furthermore, always be suspicious of calls or contacts via messages from supposed bank agents. Always check the veracity of the contact and never provide bank passwords, personal data and other information if you are not fully confident that the contact is safe. You can't be too careful!
At Trezeme Digital, we understand the importance of effective communication. We know that every word matters, which is why we strive to deliver content that is relevant, engaging and personalized to meet your needs.