Brazil criminal groups Artificial Intelligence (AI) to stimulate high -tech financial fraud, operating gaps in a rapidly growing digital ecosystem as banks, legislators and police that are jostling.
Even as a street crime fell and Brazil's homicide rate hit A decade of low cybercrime losses reached About $ 54 billion in 2024 – around $ 1,000 per victim, according to the Global Anti -SCAM Alliance.
See also: Technology is increasingly at the heart of criminal operations in Brazil
Connectivity feeds overvoltage. With 86% of Brazilians onlineAbout 217 million smartphone connections, 75% of banking services transactions on mobile devices, and more than 70% registered In Gov.brThe National Brazil digital identification platform, the country has become a gold mine for cybercriminals.
Insight Crime highlights three recent cases that show how Brazil's general connectivity and AI tools allow cybercriminals to carry out increasingly sophisticated and lucrative operations.
Rio Ghost Riders
In August 2025, Rio de Janeiro police disassembled A fraud ring behind nearly 2,000 false Uber trips. The group used images generated by AI to escape identity checks and create Dozens of fake driver and passengers, bypassing Uber's verification systems.
Once the accounts are active, the fraudsters managed long journeys manually with additional stops to inflate the prices. The ghost “rider” would cancel the account before paying payment, leaving Uber pay The “drivers”. The stolen funds were then channeled via Pix, the instant payment system used By more than 182 million Brazilians and quickly dispersed on several accounts to escape detection, at least at the start.
Pix manages more than 6 billion transactions per month – exceeding combined credit and debit cards. Its speed allows fraudsters to siphon the funds before banks or investigators can react, which makes the recovery of assets extremely difficult.
See also: The red command of Brazil transformed the control of the lawn into a hiking monopoly
Uber finally discovered the program. The company told Insight Crime that its anti-fraud team had reported the activity, alerted the authorities and is now cooperating with Rio police. Guilherme Gueiros, a criminal lawyer specializing in cybercrime, says that the Brazilian authorities had limited options without Uber's cooperation. “It is the responsibility of companies like Uber, which must be aware of the way their platforms can be manipulated … (only they have) the ability to detect and prevent such fraud,” he said.
The magnitude of the operation became clear after the Rio police launched his investigation, which initially discovered $ 21,240 in illicit profits. A complete reconstruction of transactions later revealed that a single suspect had moved $ 136,000 in just four months.
Doctors Deepfake
Fraud to tension is only a facet of a broader change. Criminal groups in Brazil also use factfakes generated by AI to forge synthetic identities and escape biometric guarantees in banking and government systems – allowing large -scale digital bars.
The threat made the headlines in August 2025, when the authorities close A small but sophisticated network operating in São Paulo, Espírito Santo and Pará. Arrested people included a 44 -year -old São Paulo man with previous fraud convictions that falsified documents and moved stolen funds; A 20 -year -old in Pará who collected sensitive data with WhatsApp Bots; And a 29 -year -old document forge in Espírito Santo.
The group has targeted the doctors of Rio Grande Do Sul. After having compromised their Gov.br accounts, they recruited lookaliks for photos and used AI to digitally modify the images, creation False ID that could bypass facial recognition guarantees.
See also: Fraud groups use deep buttocks to improve imitation scams in Peru
IDs were then used to open up high-limit accounts, often to companies, to whiten poorly acquired funds, discreetly channeling small quantities via several accounts and the PIX platform to escape detection.
The lax digital bank, customer knowledge (KYC) and anti-money laundering rules in Brazil, combined with slow legal proceedings to access transaction data, allowed fraudsters to move money in a few hours while investigators spent months trying to find it, Gueiros told Insight Crime.
These systemic gaps have led to immediate losses for the victims: the investigators confirmed fraudsters attempt To divert $ 130,000. The regime only proved to be when a doctor reported that his government account had been hacked.
Higher level phishing
While fraud with deep identity increases in Brazil, phishing remains the main method that cybercriminals use access accounts and devices. One of the oldest digital fraud tactics – dating back to the mid -1990s – phishing works by sending misleading messages by e -mail, text or other channels with links or malicious attachments. By pretending to be trusted entities, criminals encourage victims to install malware that steal personal or financial data. It is often the first step in a larger cyber attack.
Phishing has been amplified by AI, which creates false more convincing websites, automatizes mass distribution, accelerates content changes and handles research results, traditional traditional withdrawal efforts.
A Brazilian group known as “Pineapple” used AI to intensify phishing campaigns. Taking advantage of the cloud platforms and an IA assisted site identity theft, the group has created convincing clones of official websites. In 2024, he imitated The tax authority of Brazil, leading the victims to a false portal which Malwowirs delivered And the personal data harvested when they tried to download tax forms.
In 2025, an unidentified group moved to fully AX phishing attacks craftsmanship Hyperrealist websites for the Brazil traffic department and the Ministry of Education. They manipulated Techniques for optimizing search engines (SEO), incorporate keywords and metadata to guarantee malware classified at the top of user research.
The victims were then attracted to the submission of personal data, including their taxpayer register number (Cadastro de Pessoas Físicas, CPF) and were invited to pay for “fees” about $ 16 via Pix. While individual losses were low, the campaign targeted around 10,000 people, which potentially brought in $ 160,000 in illicit gains. Beyond defrauding the victims, fraud compromised the sensitive government and banking systems.
No arrests have been reported so far, showing how fast the fraud led by AI can be ahead Brazilian cybercrime agencies. In fact, American analysts from Zscaler Knearelabz, rather than Brazilian officials, detected the diagram.
The AI improves phishing by facilitating social engineering – cutting people by revealing sensitive information, note Gueiros. “AI is mainly used to deceive people, to make them believe that something is real when it is not,” he explains, allowing criminals to collect data and push victims into risky actions. It is faster and more profitable than violation systems.
But AI tools are not the central problem: phishing always attacks human vulnerabilities. The training of the authorities of emerging cybercrime tactics can help investigations, says Gueiros, but “the prevention of fraud ultimately depends on the improvement of digital literacy and public education to recognize and resist these scams”.
Featured image: snapshots of false faces of doctors produced by AI, based on looks recruited by criminal groups in Rio Grande Do Sul. Credit: RBS TV
