The start of key registration for the Central Bank’s new instant payment system is being used to run online scams
60 fake domains using PIX as bait have already been created
The cybersecurity company Kaspersky has identified 60 fake domains using Pix as bait for scams in this first week of key registration for the new payment system launched by the Central Bank.
According to Kaspersky’s senior security specialist in Brazil, Fabio Assolini, domain registration is the first stage of a scam. “From there, criminals can use the website to distribute malware or place a fake website at this web address.”
One of the scams that can be carried out from a fake website aims to infect the victim’s device with malware, a malicious program. In these cases, criminals use an e-mail message, social media or SMS to offer registration in the electronic payment system. When the victim is directed to the fake domain, the website offers a malicious file for download.
“This will allow scammers to have remote access to the infected device, or allow the collection of important data,” he says.
Another common type of attack spreads fake messages to steal the credentials used to access Internet Banking or Mobile Banking. As in the malware-spreading attacks, e-mail messages, social media posts or SMS messages offer registration for Pix, but in this case they take the victim to a fake bank website.
On the fake page, the victim is asked to access their bank account and is also asked for the authentication codes (tokens) found on the password card or in authentication applications. “With this data, criminals will be able to access the victim’s bank account and steal their balance, making fraudulent payments or transfers to other accounts,” he says.
Finally, Assolini also identifies phishing scams that steal personal data that can be used as a Pix key. “The first two types of attacks only use Pix as bait, but the scam itself is not related to the new system. This third type has the main purpose of collecting personal data from victims that can be used in payment system fraud in the next month,” he adds. The attack was initially detected two weeks ago by Kaspersky.
* R7 intern, under the supervision of Pablo Marques