Taking advantage of the start of the import tax, popularly known as the “blouse tax”, cybercriminals are carrying out a new scam that uses the name of the Brazilian Post Office to extort money from victims via Pix. SMS messages claim that a product purchased abroad is being held, awaiting payment of taxes to release delivery. A link directs the user to a website with a structure and operation similar to the official one, seeking to convey an appearance of authenticity. Even the colors and logos are those of the Brazilian Post Office.
According to the security company ESET, the scam uses social engineering techniques to collect data, which can be sold on the dark web and used in illegal activities, and also to steal money via instant payment, which makes it difficult to recover the amount later.
“Many of the SMS messages indicate that the criminals have some of the victims’ personal information, as many of them refer to them by their first name, which gives the scam even more credibility if people are not careful,” comments Daniel Barbosa, Information Security Researcher at ESET Brazil.
The fake website directs victims to the next steps, which include a delivery mechanism and tracking number. “It is noted that the tracking number does in fact exist on the real Correios website, relating to an item posted in February and held since May, awaiting payment. This shows how criminals seek to insert real evidence into the fake process so that people believe in the approach,” he says.
Next, the website displays a button for the victim to provide their email, telephone number, full name and CPF, data that allows criminals to create different types of registrations and even approach the same victims in the future. “To increase the perception of credibility, criminals implemented a validation of the CPF field, preventing victims from entering any random number to continue the process,” Barbosa reported.
After filling in the data, payment is requested via Pix, with information about a time limit to create a sense of urgency in the victim. “By analyzing the QR Code, it is possible to identify the beneficiary as being another company, and not the Post Office, as would be appropriate in a lawful case of payment of a fee related to imports,” the researcher points out.
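The QR Code check the researcher describes can be reproduced on the text form of the code. The following is an added example, not code from ESET or from the article: it assumes the Pix "copy and paste" string uses the EMV merchant QR layout (two-digit ID, two-digit length, value; ID 59 is the beneficiary name, ID 63 a CRC-16), and the sample payload, key and company name are constructed.

```python
# Added example: decode a Pix "copy and paste" payload and show who gets paid.
PIX_GUI = "br.gov.bcb.pix"  # identifier that marks a Pix account template

def crc16(data: bytes) -> int:
    """CRC-16/CCITT-FALSE: polynomial 0x1021, initial value 0xFFFF."""
    crc = 0xFFFF
    for byte in data:
        crc ^= byte << 8
        for _ in range(8):
            crc = ((crc << 1) ^ 0x1021 if crc & 0x8000 else crc << 1) & 0xFFFF
    return crc

def parse_tlv(text: str) -> dict:
    """Split a string of 2-digit ID + 2-digit length + value fields."""
    fields, pos = {}, 0
    while pos < len(text):
        tag, length = text[pos:pos + 2], text[pos + 2:pos + 4]
        if len(tag) < 2 or len(length) < 2 or not length.isdecimal():
            raise ValueError(f"malformed field at offset {pos}")
        end = pos + 4 + int(length)
        if end > len(text):
            raise ValueError(f"field {tag} runs past end of payload")
        fields[tag] = text[pos + 4:end]
        pos = end
    return fields

def inspect_pix(payload: str, expected_name: str) -> dict:
    """Report the beneficiary of a payload and whether its CRC is intact."""
    top = parse_tlv(payload)
    account = parse_tlv(top.get("26", ""))  # ID 26: merchant account template
    crc_ok = (payload[-8:-4] == "6304"
              and f"{crc16(payload[:-4].encode()):04X}" == payload[-4:].upper())
    name = top.get("59", "")
    return {"is_pix": account.get("00", "").lower() == PIX_GUI, "crc_ok": crc_ok,
            "beneficiary": name, "city": top.get("60", ""), "amount": top.get("54"),
            "name_matches": expected_name.casefold() in name.casefold()}

def tlv(tag: str, value: str) -> str:
    return f"{tag}{len(value):02d}{value}"

def build_sample(name: str) -> str:
    """Constructed payload for the demo; every value in it is made up."""
    body = (tlv("00", "01") + tlv("26", tlv("00", PIX_GUI) + tlv("01", "pay@example.invalid"))
            + tlv("52", "0000") + tlv("53", "986") + tlv("54", "68.90") + tlv("58", "BR")
            + tlv("59", name) + tlv("60", "SAO PAULO") + tlv("62", tlv("05", "***")) + "6304")
    return body + f"{crc16(body.encode()):04X}"

if __name__ == "__main__":
    print(inspect_pix(build_sample("EXEMPLO PAGAMENTOS LTDA"), "CORREIOS"))
```

A `name_matches` of `False` on a payload that claims to settle a postal fee is the mismatch the researcher points to: the money goes to an unrelated beneficiary.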
The expert highlights that, despite all these points that emulate veracity, at no time do the communications from the fake website provide the official Correios link.
The fake message on behalf of the postal service company began circulating in late July, on the eve of the new fee coming into effect, reflecting a worrying trend of increasing scam attempts.
“All of the attempted scams we have identified so far have occurred via SMS. However, this does not mean that this is the only means of contact used by criminals. This type of message can also be sent via apps such as WhatsApp and Telegram, as well as via email,” he warns.
How to protect yourself
It is essential to pay attention to the characteristics of the approach to avoid falling for scams. “Be careful with information received passively, that is, information that was not previously requested. Also be concerned about emergencies: criminals put pressure on the authorities to carry out procedures quickly. Criminals have a very limited time to keep each site online because, as soon as these pages are identified, technology and security professionals begin work to remove them as quickly as possible,” explains Daniel Barbosa.
To avoid problems, do not follow the link in the message: type the full address of the official website of the company named in the message into the browser and verify all the information there. If the information received is real, it will be associated with the company’s official website.
Social engineering campaigns often disguise malicious software that aims to compromise devices, whether they’re computers or smartphones. To prevent these scams from succeeding, it’s important to have reliable protection software and ensure that it’s properly updated and configured to block threats. This will help prevent malware from invading your environment and accessing sensitive information.
“Preventing such approaches can be quite simple, as long as you remain alert and understand how criminals operate, taking steps to prevent them from succeeding,” he concludes.
Source: https://www.hardware.com.br/noticias/novo-golpe-cobra-taxa-para-liberar-encomenda-nos-correios.html