With fake offers and “PIX robots”, cybercriminals use social engineering to deceive unsuspecting people looking to save money.

The instant payment system PIX has revolutionized the way financial transfers and transactions are carried out and is now the most widely used payment method by Brazilians, having only been around for three years. However, its popularity and simplicity have caught the attention of cybercriminals who take advantage of the system to carry out their scams. Check out two examples of scams and tips to avoid becoming a victim.

Easy money with PIX Robot

In this scam, criminals take advantage of investors' search for quick financial returns to deceive and persuade those who are less attentive. Using social engineering, they contact people via messages or ads on social media and offer investment opportunities with exorbitant returns in exchange for a Pix to an unknown account.

The idea is for the victim to offer money as a “deposit”, which will be returned after the transactions begin, and the promise of easy gains is so tempting that many people end up giving in to the psychological pressure created by the scammers. Once they have obtained a significant amount from the victim, they cut off contact.

“It is important to understand that legitimate and solid investments do not promise unrealistically high returns in a short space of time. Preventing this type of scam involves carefully researching any investment opportunity, checking the sender’s information and, above all, being suspicious of offers that seem too good to be true,” says Fabio Assolini, Director of Kaspersky’s Global Research and Analysis Team for Latin America.

Fake payment scam with bills and misleading offers

Social engineering is also used here to convince victims that they are making a legitimate payment, when in fact they are transferring money directly into the hands of scammers. Criminals create fake payment slips or present tempting offers, including special discounts, and request payment via PIX, claiming it is the quickest and easiest method.

In the example identified by our experts, the criminals disguised the scam as a telephone/internet bill. The only new feature is the presence of the QR code as a payment option. One detail shows that, for the criminals, the new payment option is preferred, as a supposed discount of 5% is offered if the payment is made using this method.

“To avoid falling into this trap, it is essential to carefully check the origin of the bill or offer. Always confirm the information with reliable sources, such as the official websites of the companies or institutions involved. In addition, avoid clicking on suspicious links or providing sensitive information in response to unsolicited messages. Whenever you come across offers that seem too good to be true or receive suspicious payment requests, stop and analyze the situation with a critical eye,” adds Assolini.

Identify the scam:

• Confirm the recipient's details before completing the payment via PIX. As with all fraudulent schemes, criminals use fake names to receive the money from the scams. Only legitimate payments will show the correct company names (corporate names).
• If a promotion is too good to be true, be wary! Huge discounts and “super deals” can be scams to rip off the unsuspecting. If you see a promotion, it’s important to go to the official website by typing the URL manually into your browser.
• In the example of the fake invoice, there is no information about the customer's name, only the subscriber code, which is a number that almost no one knows by heart.
• If you have been scammed, contact your banking institution to file a police report about the fraud, and notify them immediately.

Content originally posted on Kaspersky Blog

We are Software.com.br, the Official Kaspersky Representative in Brazil and also a reference in technology solutions for the corporate world in Latin America. Count on our consultants specialized in Software Licensing, Cybersecurity, DevOps, Infrastructure and Data Analytics.

See more about Kaspersky on our website: Software.com.br