The PIX payment system will only start working next month, but scammers are already taking advantage of the new arrival to steal data from careless Internet users. Online security company Kaspersky revealed that cybercriminals have used the technology usage registry as a theme for phishing scams.
According to the company, scammers create messages with the name of a known bank to simulate a registration system to use Pix. The objective is to steal credentials such as account password, CPF and cell phone, in order to gain access to the user’s future account and carry out improper transactions.
Phishing email identified by KasperskyFonte: Kaspersky
According to Fabio Assolini, a Kaspersky expert, the scam found by the company uses a form present on a fake website, which is disseminated with a link. Those responsible for the scam distribute the URL via email, one of the most popular ways to send phishing attacks.
How to avoid phishing hits
Pix goes into effect in Brazil on October 5 and promises to facilitate payments and transfers. The system will use identification keys such as CPF and telephone number during transactions, which has increased the interest of criminals in the information.
To ensure that your data will not be collected in phishing scams, the tip is to always be on the lookout for emails that look suspicious. In addition, when opening links, make sure that the website to which you were redirected is genuine.
If you are not confident about the security of a website, avoid providing personal or banking information. The same is also true for payments. “If the address consists of a meaningless set of characters or the URL looks suspicious, do not finalize the payment,” says Kaspersky.