Scheduled to start operating in November, Pix, a system created by the Central Bank that will allow for almost instant transactions, has already been used by scammers against consumers.
To prepare for the start of operations, financial institutions are already inviting their customers to register their “keys” in the system – data that will serve as identification for transactions, which can be the CPF, cell phone number, e-mail or other information.
But criminals are taking advantage of this move to obtain sensitive information and passwords, misleading consumers by making them register on a fake website.
In many cases, the message contains a link to supposedly pre-register with Pix, but leads to a fake website.
The rule is to always be suspicious
Brazil is among the five countries with the most victims of phishing – a scam in which the criminal deceives the victim to obtain personal data, such as bank passwords. From April to June alone, 13% of internet users in the country accessed at least one link that led to a criminal website.
According to Fabio Assolini, security analyst at antivirus maker Kaspersky, more than 30 million such attacks were identified in Brazil alone in 2019.
The head of the Financial Market Structure at the Central Bank, Carlos Brandt, recommends consumers to register via the bank application of which they are already a client, or through the bank’s own website, in a logged environment. “There will be the information, the whole process, in a safe way, in a totally safe environment”, he says.
“Back in November, when in fact we launch the PIX, then he will be able to make transfers, but always logged into the internet banking or the financial institution’s own application”, adds Caio Fernandes, BC’s head of Infrastructure.
“The tip is: don’t click without first checking if the email was actually sent by your bank,” says analyst Assolini.