A massive leak of photos of Brazilians – supposedly coming from police databases – is being offered for free on a forum in the Deep Web. There are over 300 thousand images in the package available for download – identified on the night of this Monday by the experts from Solo Iron – cybersecurity unit of Solo Network, one of the largest IT integrators in Brazil
To access the forum, credits that can be purchased are required. With access to the forum, and using these credits, it is possible to download the photos for free, explain Felipe Guimarães, Head of the Cybersecurity Team at Solo Iron. Some images are supposedly from the Civil Police of Espírito Santo – and many seem to be from people supposedly fined. Meanwhile, thousands of photos have the format of images used in Brazilian documents, enabling its use in criminal activities. Could not confirm, до цього моменту, the origin of images
The photos can be used by criminals to attempt to create fake bank accounts and fraudulent credit applications, they can also facilitate advanced frauds with the creation of deepfakes
Companies on alert
Guimarães explains that the leak could trigger a significant increase in financial fraud, once criminals have access to potential data that allows the creation of fake profiles with an authentic appearance and the creation of deepfakes. We recommend to companies – mainly from the financial sector – to raise their level of alert in the coming days due to the potential for fraud, and because the images are being distributed for free, further enhancing the possible volume of fraud attempts, affirms
It is not only companies that should stay alert. Consumers should also pay attention to suspicious communications from financial institutions – mainly those that request data confirmation, either by email or phone. It's not difficult, using image search, find preliminary data of the owner of the photograph, as a name, social media links, age, email, among others. Therefore, in case of any suspicious contact, the consumer should seek the financial institution, or consumer protection agencies, says Guimarães
According to studies by Solo Iron, Brazil is a country with unique characteristics when it comes to cybercrime. Local groups – focusing on financial frauds have at their disposal on the dark web a series of tools for fraud against individuals, since the use of credit cards, until PIX. These criminals have been operating alongside global actors, carrying out financial extortion against Brazilian companies, mainly with the use of ransomware and data hijacking
