RIO DE JANEIRO, BRAZIL – The scams that grew most were the so-called “social engineering,” in which the victim is manipulated and tricked into actions to benefit the criminals.
This growth occurs in a context in which cell phones account for over half of all banking transactions. According to FEBRABAN, mobile phone apps were used in 51% of transactions in 2020. In 2016, the rate stood at 28%.
According to the federation, the pandemic has increased the importance of these devices, which began to be used by people who did not have a bank account before.
This public, unfamiliar with the operation of the banking system and with digital security, is the preferred target of criminal groups, the entity says. Scammers tend to take advantage of the victims’ lack of information to trick them into making deposits and transfers, which is easier than circumventing bank apps and systems’ security features.
SCAMS
The so-called false employee scam grew 62% in the first half of this year. Here, the criminal calls the victim and poses as an institution’s employee with whom the person has a relationship. The scammer informs the victim about alleged security issues, such as a hacked or cloned account, to collect personal and financial data.
During the call, the criminal also asks the victim to type in the card’s password. With this information, scammers are then able to withdraw money from the victim’s account.
The fake courier scam works in similar fashion. The scammer calls the victim posing as a bank employee and says that the card has been cloned, asks for the password and instructs the person to cut the card. However, the chip is preserved.
A purported bank employee visits the customer’s home under the pretense of taking the card, so that a new one may be issued. With the password and the chip, the scammers can withdraw money and make transactions on behalf of the victim.
In this type of situation, scammers try to frighten the victim so that he/she will act on impulse and follow the criminals’ instructions, FEBRABAN warns. Therefore, it is important to note that in no real banking contact will passwords, card numbers, or transfers be requested. When in doubt, customers should hang up and call the service channels listed on the back of the bank card.
Phishing scam attempts increased by 26%. In this type of fraud, e-mails or WhatsApp messages are sent in an attempt to collect data or induce people to click on fake bank webpages. Customers should therefore always be cautious of unsolicited offers or discounts much higher than expected, in addition to carefully checking e-mail addresses and pages in this type of message, which often try to mimic banks’ official pages by changing letters or domains from abroad.
There are also frauds with products sold at apparently very favorable terms. The criminals then induce a sense of urgency in victims so they will make deposits under the pretext of seizing the offers.
FEBRABAN alerts that no type of loan requests advance payments. In the case of purchases, it is important to make them on secure and certified websites.
FEBRABAN states that banks invest R$2.5 billion (US$444 million) per year in digital security. However, in cases where victims make deposits or give information to criminals, banks consider that the fraud did not involve the system, and therefore there is no recourse for compensation. Court cases, however, have been holding banks liable.