Did you receive a ticket from Vivo by email? Caution. Scammers are impersonating the operator to spread a malicious program (malware) capable of stealing victims’ bank details.
According to the digital security company Eset, it is about the dissemination of variants of the trojan big treethreat focused on users in Brazil.
how the scam works
According to the company, the seriousness of the coup is given, as it combines the strategy of phishing (action of inducing people without them realizing it) with the propagation of malicious files.
Criminals send an email with a fake Vivo invoice attached. The goal, however, is not to get victims to pay the scammers.
Screen print highlights emails from scammers impersonating Vivo
Image: Welivesecurity
–
The second stage of the crime is to make the person install a malicious program on the computer/cell without her noticing.
Inside email is a notice that the invoice will be due on the same day. The idea of urgency used in the message induces users to click on a button to access the boleto.
—Fake button redirects users to external website, which is not the official website of the company
Image: Welivesecurity
–
It is at this time that victims are directed to a site external. In this case, an investment page.
Then, you are asked to download of a file in zip format. Thus, malware capable of collecting banking information is installed on the device.
—Website indicates downloading a zip file that has the virus hidden
Image: Welivesecurity
–
Scam warning signs
To convince potential victims, the email message is developed with texts and images similar to those used in Vivo’s official communications.
Check out the security tips for this and other scams below:
- Sender email address is not official
Pay attention to the sender responsible for sending the charge. When in doubt, go to your carrier’s website and/or contact customer service to make sure what the official email address the company uses to contact its customers looks like.
- Be wary of compressed files
Many online scams use compressed files (.zip, for example) to hide malicious programs. Generally, telephone operators send slips in PDF format, explains Eset.
- Be wary of charges that arrive on irregular dates
That is, invoices with dates other than the normal due period. Be especially aware of messages with phrases that convey urgency — such as overdue invoices or about to expire. This tactic serves to grab users’ attention and make them make decisions on impulse (like clicking a button).
- Have antivirus installed
The problem with trojan-type malware is that it is silent. The program infiltrates the system without giving any signs that anything has been added to the device. Therefore, it is very important to keep security software installed and updated. In many cases, they are able to identify the problem and delete it before further damage.
- Validate information directly with the company
In case of doubt, always look for official contacts. It can be via SAC (Customer Service) of the company in question.
– –
