By: Ubiratã Barros (Security Alert)
In times of high connectivity, criminals are increasingly creative in their attempts to steal personal data, passwords and even money from unsuspecting users. Two of the most common scams today are email phishing and scams on social networks such as WhatsApp, Facebook, Instagram and Twitter/X. Learn about these threats and learn how to protect yourself!
What is phishing and how does it work?
Phishing is a technique used by criminals to trick victims into revealing sensitive information, such as passwords, card numbers and CPF. The attack usually begins with a fake email that appears to be from a trustworthy company, such as your bank, cell phone operator or even the government itself.
Practical example:
You receive an email saying that your account has been blocked and asking you to click on a link to “resolve the problem”. This link takes you to a fake page that looks exactly like the real company, where you enter your details — and they fall directly into the hands of the scammer.
How to identify a phishing email:
Grammatical and Portuguese errors – Poorly written or strange text.
Suspicious links – Hover your mouse over the link without clicking and see if the address does not match the one advertised.
Exaggerated urgency – The message creates a rush (“Your account will be deleted!”) so that you act without thinking.
Unknown or fake sender – Check the sending email. Often, it is not the company’s official sender.
Unexpected attachments – Avoid opening attached files in dubious emails; they may contain viruses.
Tip: No legitimate company asks for sensitive data via email. Always contact them directly through the official website or customer service center before taking action.
Social media scams: beware of fake messages and posts
In addition to WhatsApp, criminals also exploit platforms such as Facebook, Instagram and Twitter/X to commit scams. The approaches usually look like irresistible offers, urgent alerts or even messages from friends in supposed difficulty.
Some common types:
✅ “You won an iPhone!” – Link in bio or description leads to malicious websites.
✅ “Click here to watch your neighbor’s video!” – Typical of scams in social media comments.
✅ “Confirm your subscription” – Simulates services such as Netflix or Amazon (Instagram DM or DM on X).
✅ “I’m stuck abroad, can you help me?” – Pretends to be a family member in trouble (via DM or WhatsApp).
✅ Fake polls, sweepstakes or promotions – Can install malware or collect data.
How to avoid falling for these scams?
Be suspicious of anything that seems too good to be true. Do not click on links from unknown senders.
Verify information with the original source – Call support or access the website by manually typing the address.
Keep your apps and system updated – Updates fix security flaws.
Use two-step authentication (2FA) – This makes it harder to access your accounts even if the criminal has your password.
Important: If you receive a strange message from a friend, confirm with them by another means (phone call or another social network). Your account may have been cloned.
In short: Attention, information and prevention are our best weapons.
Virtual scams are increasingly sophisticated, but you can protect yourself by simply staying calm, being suspicious of unusual situations and always trying to confirm the veracity of the information before taking any action.
Remember: Caution will always be our ally. A minute of analysis can prevent major losses!
