The “Comprovante Spray” scam has become an increasing threat to WhatsApp users, affecting more victims across the country. This cybercrime, based on social engineering, involves sending malicious files disguised as bank payment receipts, usually in a “zip” format. The tactic exploits the curiosity and urgency of victims, who, upon clicking these files, unknowingly install malware on their devices. The major risk of this scam lies in the malware’s ability to capture sensitive information, including banking passwords, social media credentials, and even credit card details, allowing criminals to make unauthorized financial transactions and commit identity theft.
Given the sophistication of this fraud, cybersecurity experts warn that the scam is highly effective due to its simple yet persuasive approach. Criminals send messages with direct texts such as “Here is the receipt,” encouraging users to open the file without questioning its legitimacy. The compressed (zip) format is used as a disguise to bypass antivirus detection and security filters in operating systems, making the threat even more dangerous.
The scam has been spreading rapidly, especially among users who frequently conduct banking transactions via mobile devices. The ease with which criminals execute this fraud and the number of victims who have already fallen for it highlight the urgent need for awareness and the adoption of preventive measures to avoid financial losses and the exposure of sensitive data.
How Criminals Operate and Their Scam Strategies
The “Comprovante Spray” scam follows a well-established pattern. The first step involves selecting a target, which can be chosen randomly or based on leaked personal data. Then, scammers send a message via WhatsApp, pretending to be a trusted contact such as a client, supplier, or even a friend. The message includes a compressed file and a short, persuasive text that creates a sense of urgency, leading the victim to open the file immediately.
Once opened, the file triggers the installation of malware that can operate in different ways. Some of these malicious programs function as keyloggers, recording everything the victim types, including passwords and banking information. Others are trojans that allow remote access to the device, enabling criminals to take control of the phone or computer without the user noticing. Some malware is specifically designed to capture banking app credentials, bypassing authentication and security systems used by financial institutions.
Scammers have become more sophisticated in their approaches, with increasingly personalized messages that make it harder to identify the scam. Additionally, they use different phone numbers and fake contact networks to evade tracking. This method has proven to be one of the most effective ways to spread the scam and expand the reach of fraud.
Key Warning Signs to Avoid Falling for the Scam
- Messages that create urgency, such as “Here is the receipt” or “Payment made, check the file”;
- Files in “zip” format or any other compressed type sent by unknown contacts;
- Unexpected requests to download documents, especially related to banking transactions;
- Sudden number changes from supposed clients or suppliers;
- Poorly written messages with grammatical errors or unusual formatting.
Major Damages Caused by the ‘Comprovante Spray’ Scam
The primary consequence of this scam is the theft of banking information, which can result in unauthorized money transfers and financial losses. However, the damages extend beyond this. Access to social media credentials can enable criminals to use victims’ profiles to conduct new scams on their contacts, further expanding the impact of the fraud.
Additionally, there have been cases where malware captures stored credit card data, allowing unauthorized purchases on e-commerce platforms. Another serious consequence is digital account hijacking, where criminals change passwords and block the victim’s access to essential services such as emails, banking apps, and other digital platforms.
In some cases, criminals also install ransomware, which locks files and demands cryptocurrency payments for their release. This type of attack has significantly increased in recent years and can cause enormous financial damage, especially for businesses that store critical data on infected devices.
Preventive Measures to Avoid This Scam
- Never open suspicious files received via WhatsApp, especially in “zip” format;
- Enable two-factor authentication on all important accounts, including banking apps and social media;
- Use reliable antivirus software on both mobile devices and computers;
- Always confirm banking transactions directly with financial institutions instead of clicking suspicious links;
- Keep apps and operating systems updated to reduce security vulnerabilities;
- Do not trust messages that request urgent actions without prior verification.
The Rise of Digital Fraud and the Impact of This Scam
In recent years, digital scams have multiplied at an alarming rate. The increased use of smartphones for financial transactions and WhatsApp as a primary communication tool has made it easier for cybercriminals to execute their attacks. Recent data show that in 2024 alone, over 2.5 million digital fraud attempts were recorded in Brazil, marking a 34% increase compared to the previous year.
The “Comprovante Spray” scam falls into this trend and has been one of the most reported frauds in recent months. The Central Bank and major financial institutions constantly warn users about the need for caution when performing banking operations and emphasize the importance of digital literacy to prevent more people from falling victim to cyber scams.
Interesting Facts About Digital Scams and Bank Frauds
- Brazil is among the top five countries with the highest number of phishing attacks and digital scams;
- WhatsApp is the most used platform for financial fraud in the country;
- It is estimated that by 2025, global financial losses due to digital fraud will exceed $10 billion;
- Social engineering scams, like the “Comprovante Spray,” account for approximately 60% of cyber fraud detected in the past year;
- The most commonly stolen passwords in such attacks are often reused across multiple accounts, making it even easier for criminals to access victims’ data.
Steps to Take If You Fall Victim to This Scam
If someone falls victim to the scam and has their data compromised, it is essential to act quickly to minimize the damage. Some recommended actions include:
- Immediately changing all banking and social media passwords;
- Informing the bank and blocking compromised credit cards;
- Restoring the phone to factory settings to remove potential malware;
- Monitoring bank transactions and enabling security alerts;
- Filing a police report so authorities can investigate the case.
