This page uses cookies to improve the user experience on our website. By clicking "Accept", you consent to the collection and use of the information to ensure the best browsing experience. To find out more, read out our Privacy Policy.

Accept

How to identify a fraudulent boleto bancário

Published on 09/12/2019 - Updated on 09/26/2024

Understand the most common types of boleto bancário fraud and know how to prevent this situation.

Payment fraud is not unusual in Brazil. In fact, the Brazilian Federation of Banks – Febraban – registers over BRL 450 million frauds annually. In addition, recent data shows that 12 million Brazilians were a victim of online fraud, and e-commerce stores are one of the main channels for fraud attempts. The same research shows that, among the victims, over 50% said they did not receive their purchase, and 42% responded that the product delivered was different than the one they actually bought.

Boleto bancário, the second most used payment method in Brazil, is accountable for many of these cases. Unlike credit cards, this alternative payment method does not allow refunds, which means that, in most cases, buyers will not get their money back.

 

Most common types of boleto fraud

This year, regional police in the Federal District and the state of Goiás took down a criminal operation that held over BRL 19 million in frauds with boleto.

Criminals had contacted online shoppers that completed their purchase using this method and requested a new payment, claiming the first one did not go through. After that, they would use false accounts to complete fake purchases and generate a new barcode. This barcode was then sent to buyers, and, once the payment was processed, the merchandise would be delivered in a different address.

Police could not find how the criminals were able to identify which customers bought with a boleto. But Konduto, an anti-fraud platform for e-commerce, believes the most likely scenario is that consumers had their data leaked or their device infected by malware.

So, in order to understand how to prevent being the victim of payment fraud, you must first know the most common types of extortion.

 

1. Bolware

Infected software and hardware and compromised content are a few ways criminals find to fake a boleto. The malware intercepts the document and alters the invoice data. This way, the payment is not compensated for in the merchant’s account. In this scenario, both the merchant and clients are harmed. To avoid situations like this, it is important that customers install a reliable antivirus program in both desktop and mobile devices.

With the implementation of the registered boleto, this type of fraud had been reduced. Now, when a boleto is issued, it is registered by the Brazilian Central Bank with both merchants and consumers data. However, caution is still necessary before completing the transaction: the confirmation screen must exhibit the same information shown on the invoice. Any divergence may indicate fraud.

 

2. False sales

Another common practice is faking an online sale. In this case, the alleged merchant offers its product or service on an online platform – like a marketplace for secondhand items – and drives the customer off the website to complete the purchase.

The criminal may then send a fake boleto or even arrange an alternative payment method – like money transfer, for instance.

Therefore, customers should always make sure they are paying on a secure platform. Some ways to verify this are checking if the shop is using an SSL certificate and if the payment link is under the same domain. This way, buyers can rest assured the products will be delivered to them, in addition to being offered a range of warranties in case there are any problems with the purchase – like refunds, for instance.

 

3. Stock abduction

This scenario affects e-commerce businesses and not buyers.

Let’s say an online store launches a big sale offering attractive discounts for their clients. The competitor then purchases a large number of products using boleto bancário but does not pay the invoice.

A boleto bancário payment date is usually set to expire within a few days, and transactions are not confirmed immediately. In addition, most boleto payments are confirmed with a delay of up to three business days. Both factors combined mean the parcel is not immediately released for delivery but shows as unavailable for other customers. Ultimately, the stock is retained, and the competitor can sell their products to the same target audience.

E-commerce stores can protect themselves from this criminal practice by integrating their online stores with antifraud platforms that detect suspicious purchases. In addition, they can also work with boleto providers that offer the option to set shorter or longer expiration dates according to their needs, as well as fast payment confirmation. PagBrasil’s Boleto Flash® not only allows merchants to define how many days they can wait for a boleto to be paid, but it also confirms payment in less than one hour on business days.

 

4. False charging

Another common practice criminals use is charging for a tax, fee or license that does not exist. This is especially common during the time Brazilians do their taxes: fake boletos are sent to them by post or email. The victim pays the boleto bancário to avoid alleged implications such as fines or restrictions.

 

Additional practices to avoid payment fraud

Aside from installing antivirus software and completing the purchase on a secure platform, there are a few practices that can help avoid these unpleasant situations.

In fact, Brazil’s credit protection service – SPC Brasil – showed what actions online fraud victims took to prevent future hassles. The research pointed out that 43% now check out from a secure platform, and 41% said they look up the merchant’s reputation in social media or on complaint websites such as Reclame AQUI.

Also, 38% stopped sharing their personal data on social media and another 38% reported that they do not answer emails or phone calls that request personal information. Only 9% of respondents said they do not shop online anymore.

Additionally, if a customer suspects fraud, there are other measures to take – such as the ones listed below.

 

1. Look up names in databases

Some criminals send out fake boletos threatening the victim that their name will be included in databases such as SERASA, a private company that holds information about Brazilians’ debt situations. Those who have their name included in these lists have limited or no access to credit, which can prevent them from taking out student loans, house mortgages, and even domestic credit cards.

To make sure the allegation is real, it is possible to lookup pending debts through the companies’ websites.

 

2. Consult official organs

In case of alleged tax charges, it is recommended to consult the official organ that would be responsible for the invoice. This way, the victim will not only be able to identify if the boleto is real but also confirm how and when they can pay for their taxes.

 

3. Ask for a Nota Fiscal

All Brazilian merchants are required to issue a Nota Fiscal when selling their products or services. Customers must be sure to ask for this document whenever purchasing online – this way, in case of any discrepancy, the client can prove the exact amount paid and seek a refund.

It is important to highlight that international stores that do not have a Brazilian entity will not be able to issue a Nota Fiscal. Instead, they will provide an international invoice. In addition, reliable e-commerce stores will always clear that the parcels are sent from abroad and provide customer support.

 

What to do if you are a victim of fraud

If you are a victim of a fraudulent boleto bancário, the best way to obtain a refund is to contact the institution that issued the payment. This way, the buyer can collect the amount from the issuing company.

However, if the payment has not been processed through an institution – and is, therefore, a false document – the victim must go to the police.

 

 

Leave a Reply

Your email address will not be published.