Account theft is the biggest type of digital fraud in Brazil

Account theft is one of the biggest digital crimes in Brazil. According to figures from the prevention platform AllowMe, 72% of the frauds registered in our country in 2022 were in this category, with most of the registered cases occurring on mobile phones, from malicious applications or fraudulent websites.

The numbers reflect a global trend, in which the credentials of users and also corporate networks are widely targeted as they serve as a gateway to financial crimes, espionage, ransomware and others. Even though the majority of crimes are on cell phones, the data show that, on computers, the total volume of fraud attempts is still three times higher.

In 2022, one out of every 100 transactions assessed by the platform represented a potential risk, with that total being triple for PCs and via the web. “Bypassing security platforms by cell phone usually brings more difficulties, because for a [crime] If these occur, it is necessary to make the device more vulnerable with the use of malicious applications”, explains Diana Herrera, AllowMe’s growth leader.

According to the survey, 23% of fraud attempts are concentrated when registering for a service or opening an account, mainly with the use of third-party data, obtained by criminals from leaks. Gaps that allow data interception or manipulation of redirects accounted for just 5%.

As the most populous state, São Paulo also registered the ranking, concentrating 37% of all fraud attempts in the country. Then comes Rio de Janeiro (17.4%), Minas Gerais (6.8%), Pernambuco (6.4%) and Bahia (4.8%). The study also brings other curious data. Most registered bank frauds took place on Mondays, with 17% of cases.

AllowMe also demonstrates a change in the behavior of criminals, who begin to abandon fraud at dawn, at times when “no one is looking”, to act during business hours, when 70% of cases were registered. “With the strengthening of prevention controls, fraudsters began to act [nesta janela] to follow the most common transactional flow and go unnoticed. The more believable a purchase or transaction is, the more legitimate it will appear,” explains Herrera.

This increased scrutiny has also led to higher fraud detection rates, although totals vary across industries. The investment and mobility segments are the safest, being able to prevent 99% of attempts. However, fintechs appear below, with 83% detection, while loyalty programs had the lowest rate, 78%.

The survey also brings some samples of the behavior of criminals, who often use the same device to access different accounts. On devices used as a source of access to three or more profiles, the fraud rate is 5.9%, while on those used for only one type of transaction, the total is 0.5%. Furthermore, 90% of attempts are made on smartphones that are at least six years old, where scammers can also take advantage of known loopholes and no longer updated by manufacturers due to lack of support.

According to Herrera, this shared use is a strong indication of fraud to be taken into account by prevention mechanisms. “Considering digital accounts, for example, we will hardly have more than one person accessing a single cell phone”, he adds. She, however, points out the need to observe specific cases, such as those of low-income families who share a single device to access social programs or government assistance.

Trending on Canaltech: