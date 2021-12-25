The presenter Ratinho was the victim of a scam on WhatsApp and lost R$ 50 thousand after having his house robbed. In the frame “Mesa do Ratinho”, on his program on SBT, he told more details of the case.

“He put my son’s picture on WhatsApp, Rafael, and kept writing”, said the presenter. “I said: talk to me, son. ‘No, my phone isn’t talking, just writing.’ I said: but that phone I don’t know!”

Criminals who impersonated Rafael said they needed money. “He said he was in the United States, and I sent him R$50,000. [Primeiro] R$ 15 thousand, then he asked for another R$ 35 thousand, I gave another 35. I couldn’t reach the phone number. Bastard,” he completed.

Annoyed, Mouse let out a series of curses as he described what he wanted the thief to do with the money.

This type of scam is known as social engineering, when a person tries to gain the victim’s trust to ask for money without having to breach the security of the apps.

How it works?

Usually, the first message sent is to let you know that the person has changed numbers. The criminal then talks to the victim until he is convinced that he is really talking to an acquaintance. Many “study” open social media profiles to impersonate someone else and find out who their closest friends and family are, in addition to stealing the photos to create a new profile.

In some cases, criminals manage to convince the person to also send the verification code from social networks to steal the account and be able to apply more scams.

Data leaks can facilitate the proliferation of this type of scam. Leaked information helps criminals profile victims. More specialized people are able to cross-reference information from different leaks, such as name, email, telephone, address, date of birth, list of close friends and even CPF and RG numbers.

“The more complete the information, the criminal can impersonate a third party [como um banco] in a more convincing way,” says Carlos Affonso de Souza, director of ITS Rio and columnist for Tilt, during a panel at TDC (The Developer’s Conference).

How to protect yourself?

Keep your profile picture visible on WhatsApp only for your saved contacts, and avoid having the same picture on all networks

If you are suspicious of the message, call the person and confirm that they are the ones talking to you.

Enable 2-step verification of your social media apps

Never pass passwords and codes received by email or phone

Change your passwords often and don’t use the same password everywhere

*With Sarah Moura reporting