The false billet scam is becoming increasingly common in Brazil. From January to September 2019 there were 4,417 such complaints on the Reclame Here site, an increase of 42% over the same period last year at this time of year, the accumulated complaints volume was 3,106. The practice involves falsifying charges to make the payment go to the scammer's bank account. These are several tricks to attract the victim, ranging from manipulating the document barcode to creating fake pages that offer forged invoice download. Here are seven tips for not being fooled at the time of payment.
READ: Scam with false bank slip deceives Brazilians and takes money from the victim; avoid
Check online bank slip risks Photo: Reproduction / Kaspersky
Want to buy a cell phone, TV and other discounted products? Meet the Compare TechTudo
1. Check the ticket details
False slips have some features that can be easily checked by the user. See if the final digits represent the billet value: if they are different, it may be a hit. If this is a recurring charge, such as the cable TV or children's school bill that usually comes with a flat fee, suspect if there are any unexpected variations. Also confirm your personal data, such as CPF, and look for portugus and formatting errors.
Also check if the first digits of the payment code match the bank code that appears as the issuer of the bill of exchange. A bank slip from Banco do Brasil will always start with 001, Bradesco with 237, Caixa Economica Federal with 104, Ita with 341 and Santander with 033. Bank numbers can be checked on the Febraban website (https: // www. febraban.org.br/associados/utilitarios/bancos.asp).
To identify a true billet, it is important to pay attention to barcode numbers. Photo: Reproduction / Carolina Lais
2. Verify the origin of the seller
If a ticket is issued by a store, research the company's reputation on Claim Here to make sure it actually exists. Take the opportunity to look for the CNPJ in the ticket and check if it is real through a query in the recipe app for smartphone. It is also important to avoid shopkeepers that are part of Procon's blacklist.
When shopping online, opt for other non-boleto payment methods whenever possible. Platforms like Paid Market, PagSeguro and other digital media offer more security when acting as intermediaries and can be triggered if something goes wrong in the transaction.
3. Prefer automatic barcode reading
In any ticket, always prefer to read the barcode by the camera of the mobile phone or at the ATM. In general, adulterated digit slips do not carry a compatible barcode and need to force the victim to enter the sequence manually to complete the scam. A document with unreadable bars, therefore, is more likely to be fraudulent.
Always prefer to read the barcode by typing manually Photo: Reproduction / Helito Beggiora
4. Download the slip on the lender's website
Whenever possible, it is important to download slips directly from the bank or company website that is charging you. Always doubt questions that arrive by email, especially when the message brings up a subject like Urgent or Your name is on Serasa. A good way to circumvent this kind of problem is by using an email service with a good anti-spam system, such as Gmail. The same goes for invoices arriving via WhatsApp.
In more sophisticated scams, a fake ticket can even be sent to the victim's house. In this embodiment, the document may look identical to the original, including stamped envelope and actual sender.
5. Make sure your site is secure and avoid public Wi-Fi.
When downloading the slip from the lender's website, make sure you are accessing the real page and that the address starts with HTTPS. Secure pages carry the SSL certificate seal that ensures against tampering and ensures greater reliability for the document being downloaded.
Also avoid connecting to public networks, which are more susceptible to attacks on the router that can spoof visited pages. In more advanced scams, the criminal can intercept access and alter a ticket apparently downloaded from the bank's official website. Therefore, always choose to download to a secure and password-protected network, or via mobile phone Internet.
Green padlock accompanied by "https" indicates encrypted site Photo: Reproduction / Shutterstock
6. Avoid installing suspicious browser extensions
Fraudulent browser-based extensions can make room for attacks. In general, this type of plugin promises some fun and innocent function, but lurks waiting for the user to access the bank's website. In addition to putting your bank account at risk, this type of malicious program can interfere with billet generation and change the code at the time of download.
7. Beware of Boletus Virus
Just like the malicious extension, malware called Bolware may be installed on the user's computer itself. When your PC is infected with this virus, tickets generated on the Internet may have the barcode changed so that the payment is redirected to the criminal. That is, if the user does not check the document and pay, the amount falls into the hacker account.
Fortunately, malware can be countered by most free antivirus. Download good security software and scan periodically to make sure there is no infection in the machine. Also remember not to use public access computers after all, there is no way to ensure that the system is free of threats.
What happens if I don't pay for a ticket that was made with online purchases? Ask questions on the TechTudo forum.
What ransomware: five tips to protect yourself