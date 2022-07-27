Scam uses fake Vivo ticket to steal bank details

Abhishek Pratap

Did you receive a ticket from Vivo by email? Caution. Scammers are impersonating the operator to spread a malicious program (malware) capable of stealing victims’ bank details.

According to the digital security company Eset, it is about the dissemination of variants of the Grandoeiro trojan, a threat focused on users in Brazil.

how the scam works

According to the company, the seriousness of the scam is given, as it combines the phishing strategy (action of inducing people without them realizing it) with the propagation of malicious files.

Criminals send an email with a fake Vivo invoice attached. The goal, however, is not to get victims to pay the scammers.

Screen print highlights emails from scammers impersonating Vivo

The second stage of the crime is to make the person install a malicious program on the computer/mobile phone without realizing it.

Inside email is a notice that the invoice will be due on the same day. The idea of ​​urgency used in the message induces users to click on a button to access the boleto.

Fake button redirects users to external website, which is not the official website of the company

It is at this time that victims are directed to a site external. In this case, an investment page.

Then, you are asked to download of a file in zip format. Thus, malware capable of collecting banking information is installed on the device.

Website indicates downloading a zip file that has the virus hidden

Scam warning signs

To convince potential victims, the email message is developed with texts and images similar to those used in Vivo’s official communications.

Check out the security tips for this and other scams below:

  • Sender email address is not official

Pay attention to the sender responsible for sending the charge. When in doubt, go to your carrier’s website and/or contact customer service to make sure what the official email address the company uses to contact its customers looks like.

  • Be wary of compressed files

Many online scams use compressed files (.zip, for example) to hide malicious programs. Generally, telephone operators send slips in PDF format, explains Eset.

  • Be wary of charges that arrive on irregular dates

That is, invoices with dates other than the normal due period. Be especially aware of messages with phrases that convey urgency — such as overdue invoices or about to expire. This tactic serves to grab users’ attention and make them make decisions on impulse (like clicking a button).

  • Have antivirus installed

The problem with trojan-type malware is that it is silent. The program infiltrates the system without giving any signs that anything has been added to the device. Therefore, it is very important to keep security software installed and updated. In many cases, they are able to identify the problem and delete it before further damage.

  • Validate information directly with the company

In case of doubt, always look for official contacts. It can be via SAC (Customer Service) of the company in question.

