A pair of criminals were arrested last Wednesday night (12) at a Caixa Econômica Federal branch in the Federal District (DF). After realizing that the two men were acting suspiciously, the Military Police decided to approach them and found that they had withdrawn R $ 28.3 thousand from third party bank accounts, using, for this, registration information acquired through the deep web.
- Emergency aid: fake Android apps try to steal user data
- Coup promises R $ 500 aid during pandemic and kills 850,000 victims
- Brazil already has more than three million victims of cloning WhatsApp
According to the authorities, the scammers confessed that the amounts withdrawn were from beneficiaries of Emergency Aid, the financial aid of R $ 600 to R $ 1,200 granted by the government to the population economically affected by the crisis of COVID-19. To avoid bureaucracy, withdrawing the benefit is facilitated, it is not necessary to have a Caixa card or be a formal account holder at the bank.
The fraudsters also explained that the beneficiaries' data were acquired with cryptocurrencies in groups on the deep web – part of the internet that is not indexed by search engines (such as Google) and that cannot be accessed through popular browsers. Due to the difficulty of navigating in such an obscure region, the deep web has become a corner for communities dedicated to criminal activities.
The trade of personal data in “secret” web forums is not new: anyone can, after entering these places, buy “lots” of registration information (usually collected through fake or current pages on WhatsApp) or even acquire access illegal use of entire databases, such as CADSUS, which lists all users of the Unified Health System (SUS).
The criminals were arrested in flagrante delicto and sent to the Federal Police; to date, Caixa has not yet commented on such a practice, which apparently has become commonplace to steal someone else's benefit.