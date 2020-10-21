Brazilian criminals changed the technique to carry out the famous WhatsApp scam. Since May 2019, Kaspersky has warned of this risk, which has already used online advertisements and invitations to VIP parties, but now the tactic is simpler: creating fake profiles. Using leaked personal data, these groups only need a profile picture of an application user to initiate extortion of victims.

The big difference of this new type of scam is that those who have a “counterfeit” profile do not know that criminals are using their identity to apply extortion. This is because the crooks have already had access to the victims’ personal data. This is the main change in the scam scheme.

In order to maintain the operation, criminals bought a database with a lot of personal information, such as addresses, phone number, place of work, preference for leisure and affiliation and indications of people close to them. The criminals who commercialize this information were named Data Brokers, a term that ended up naming the operation of the Civil Police of Goiás carried out on September 9.

Data Brokers

Data Brokers do not operate the scam, but are a critical part of the operation. They are responsible for obtaining personal data for the databases and organize attacks against companies that hold Internet users’ records.

“Here, all types of companies can be victims. Of course, online stores are obvious targets, but any company has a database of employees and customers that can be used to supply this scheme, ”says Fabio Assolini, senior security analyst at Kaspersky.

After buying Data Brokers’ personal information, criminals still look on social media for people’s names and photos to be used in accounts that will apply extortion. “That is why we can say that the accounts are counterfeit and that is why the person does not know that his identity is being used in a scam,” says Assolini.

How the new coup happens

The analyst explains that, to start the coup, the first message that criminals send to family and friends is “I changed my cell phone”. After a quick exchange of messages to deceive the victim, the criminal will make the famous request to borrow money to pay a bill or make a purchase and the new cell phone is the perfect excuse for a failed transfer. According to data released on the day the Data Broker operation was launched, losses from extortion amounted to R $ 500 thousand.

This same scheme was also used by the group of criminals arrested in Operation Peregrino III, carried out on October 14 by the Civil Police of Goiás and São Paulo.

To avoid this scam it is important to keep double authentication active. The change in tactics used by criminals shows that it is more difficult to steal the account. However, if the situation eases, they will focus on this tactic again.

To activate it, follow the steps below:

Go to the “settings” menu in the upper right corner;

Enter the “Settings” option;

Then click on “Account”;

Select “2-step verification;

Create a six-digit code that will double your authentication.



