According to the Brazilian Federation of Banks (Febraban), financial institutions never contact customers to request personal data, passwords, system updates, security keys or any type of payment/transaction to supposedly solve account problems.
The growth of the digital world has brought improvements, but also new challenges, especially in financial security. Scammers are taking advantage of digitization to innovate in the approaches of old scams, such as the fake switchboard. Now, lawbreakers have been contacting customers by phone using recordings that simulate banks’ Interactive Voice Responses (IVRs).
The scam happens as follows: when answering the call, the victim is informed about an alleged approved purchase at a certain commercial establishment or a suspicious Pix transaction. The recording offers two alternatives: inform whether or not you recognize the transaction. After selecting any of the options, the victim will be directed to a fake bank clerk.
In contact with the customer, the lawbreaker states that the transaction is being reviewed and that, as a result, it does not appear in the victim’s bank statement or invoice. According to Febraban, scammers typically claim that, to solve the situation, the customer should take some steps, such as making a transaction to solve the alleged problem, installing remote access applications, and providing personal data, such as account number and password.
Febraban warns that banks may contact customers to confirm suspicious transactions, but never request passwords, personal data, security keys, system updates, payments or transaction reversals through these contacts. If this happens, the recommendation is not to provide any of these pieces of information, immediately end the call and, if in doubt, contact the bank through the official channels.
According to Febraban, in addition to calls, scammers also use SMS and e-mails to deceive customers. In this variation of the scam, lawbreakers send text messages asking the victim to contact a fake call center or click fraudulent links with a view to stealing their personal data and passwords. In other cases, criminals call the customer and claim that their account is being defrauded by an employee of the bank itself, and that, to solve the issue, they need to transfer the amount to a “safe” account. By making this transfer, the victim is actually sending the amount to a criminal’s account.
Scammers direct the client to confirm the transaction with the bank by saying that they are making an investment or a particular operation, thus confirming that the operation should proceed. Any of these behaviors are suspicious and a sign of a scam, warns the Federation of Banks.
Febraban also clarifies that lawbreakers are using the name of the entity in this type of scam. The federation, which has countrywide financial institutions as members, does not maintain direct relationships with customers, and does not make contacts for security procedures or financial operations. Hence, any such communication should be seen as a fraud, warns the institution.
To deter these scams, Febraban and its member banks invest in awareness campaigns. For this purpose, they resort to marketing actions on TV channels, radios, and social media, and maintain active anti-fraud communication on their websites.
In addition to education campaigns, banks invest about BRL 4 billion a year in information technology systems aimed at security, which accounts for about 10% of the overall IT industry spending. This investment is targeted at ensuring the peace of mind of customers in their financial transactions.
Febraban also teams up with the National Telecommunications Agency (Anatel), sending a list of phones used in the scams so that they are blocked by telecommunications companies. Besides that, banks cooperate with law enforcers to spot and punish cybercriminals.
Source: https://portal.febraban.org.br/noticia/4137/pt-br/
Available in: https://maisquedireito.com.br/atendimento-ao-cliente/golpe-da-falsa-central-telefonica/
Autor: Paulo Henrique das Flores Porto • email: paulo.porto@ernestoborges.com.br