Phishing Scam Uses Leaked CPF to Steal Money via PIX
TL;DR
A new phishing campaign exploits leaked CPF data in Brazil to steal money through PIX, the instant payment system, by sending fraudulent SMS messages.
A new **phishing** campaign is exploiting leaked CPF data in Brazil to steal money via **PIX**, the instant payment system. Criminals are sending fraudulent SMS messages claiming irregularities with the CPF and threatening to block accounts, directing victims to deceptive websites.
These messages alert about delays or imminent blocks, and the links lead to imitation pages, such as "pagamento-seguro.pro". These sites are designed to look like portals of the **Judiciary**, reinforcing the credibility of the scam.
Database Facilitates Fraud
The scam becomes convincing due to the use of a database of stolen CPFs. When a victim enters their CPF, a system on a server in **New Jersey**, USA, verifies the information and returns personal data, such as name and birth date.
This leads victims to believe in the legitimacy of the scam. The fraudulent website presents a fake court case number and a specific fine, creating a sense of urgency with a countdown timer.
Scammers' Payment Strategy
The hackers use a **rotation** system between different payment processors, such as **FusionPay** and **FusionPayBR**. This approach aims to distribute risks and hinder the tracking of transactions.
If one processor is blocked, the other continues to operate, allowing the scheme to remain active for longer.
Operational Errors Reveal Fraud Details
Researchers discovered that the operators left server logins exposed, allowing access to information that reveals the criminal process in real time. This includes transactions and even the API keys used.
The domain "pagment-seg.me" was registered with privacy protection, making it difficult to identify those responsible for the scam, which is indeed a well-organized operation.
Critical Periods for Digital Frauds
Experts warn that digital frauds like this increase during **Carnival**, when people are more distracted and using public networks. The urgency created by the timer is particularly manipulative when potential targets are away from home.
The fear of account blocks during holidays leads many to act without verifying the validity of the charges. The combination of user vulnerability and external pressures increases the scammers’ chances of success.
Stay alert and always verify the authenticity of charges before making payments through any channel. For more information on digital security, follow us on social media and subscribe to our newsletter.
Content selected and edited with AI assistance. Original sources referenced above.
