According to institutional alerts disseminated by the Central Bank of BrazilScams run by fake call centers are common in the country and usually involve contacts that appear legitimate. According to the authority, criminals pose as employees of financial institutions, use real consumer data and create emergency situations to trick the victim into following instructions, believing they are protecting their own account.
The Central Bank specifies that this type of approach exploits customers’ trust in the financial system and reduces thinking time, which makes fraud easier. The agency also emphasizes that financial institutions do not contact you to ask for passwords, passcodes, screen sharing or transfers to security accounts, practices associated with fake telephone exchange scams.
For Elisângela B. Taborda, a lawyer specializing in bank fraud, this pattern frequently appears in the fake telephone exchange scam, also known as the fake manager scam. She explains that the criminal makes contact by telephone, creates an emergency and declares that the account is in danger. It then guides the victim step by step to supposedly activate account security or validate procedures and, in this process, may trick the victim into clicking on malicious links, agreeing to remote access or making a video call via WhatsApp, thereby creating an environment conducive to inappropriate access to banking applications and withdrawal of funds.
Taborda claims that, in many situations, after gaining this access, whether by video call or remote access, the criminal begins to view the screen of the cell phone or computer, takes control of the device and receives authentication codes, such as tokens, directly carrying out financial transactions. According to her, in some cases, the fraudster is able to carry out operations on the victim’s own mobile phone, without the victim immediately realizing it. Transfers, borrowing, redemptions of investments and use of credit card limits take place in a short period of time, often before the victim can stop the action.
The expert considers that the same method of execution is also observed in the fake lawyer scam, when the criminal presents himself as a lawyer or a presumed employee of the judiciary. In these cases, the first contact is used to generate trust by asserting that the victim has won their case and should open an account to receive funds. Based on this narrative, the criminal leads the conversation via video call on messaging apps, including WhatsApp, stating that he will guide the recording, while looking at the screen and taking control of the device, maintaining the same pattern of inappropriate access and withdrawal of valuables.
During this contact, access to banking applications is presented as a necessary step for registering or verifying the recipient account. At that point, the criminal views sensitive information, takes control of the device and directly carries out financial transactions, thereby repeating the pattern of abusive withdrawal of funds.
Faced with this scenario, many victims begin to wonder if it is possible to recover lost values. According to Elisângela B. Taborda, the legal analysis of these cases is not limited to checking whether the operations have been authenticated by a password or token, since, in many scams, the criminal obtains this data by viewing the screen, causing confirmations or taking control of the device. According to the lawyer, what will be evaluated is the context of the fraud and the actions of the financial institution in the face of transactions incompatible with the client’s profile, in particular due to the order, speed and amounts involved, in addition to the bank’s response after notification of the event.
The lawyer explains that recent court decisions have evaluated objective factors, such as the order and speed of transactions, the volume moved, the conclusion of credit in a short period of time and the absence of preventive blocks. When these transactions are totally inconsistent with the consumer’s financial past and there is no effective response from the bank, the Court recognized a failure in the provision of the service and ordered the reimbursement of the sums.
For Elisângela B. Taborda, financial institutions have enough technology and data to identify operations outside the usual pattern. She states that when systems allow dozens of successive transactions, loans and full use of limits in a matter of minutes, without any alerts or interruptions, the debate arises on banking responsibility provided for in the Consumer Protection Code (CDC).
In addition to the legal route, the Central Bank of Brazil emphasizes preventive guidelines for the population, warning that consumers should be wary of unsolicited contacts, especially those involving an emergency or instructions to move valuables. The agency advises that any verification be carried out exclusively through the official channels of the financial institution.
About The Author
