In Brazil, criminals steal people's iPhones to access bank accounts, not to resell devices

In São Paulo, Brazil's largest city, criminals steal people's iPhones, and after a few hours, they manage to gain access to users' bank accounts and then steal their accounts.

As reported by the Brazilian newspaper FSP, this kind of theft has been happening since the start of the pandemic and has only gotten worse. In the story, people with iPhone 11 and iPhone XR not only unlocked their iPhone, but also hacked their bank account.

Before the pandemic, it was common to see bike thieves stealing phones from inattentive people on the streets, but they used to resell the phones. Now there is a specialized gang invading not only the iPhone but also the bank account.

Procon-SP, the Brazilian consumer protection regulator based in the state of São Paulo, plans to take action against companies such as Apple, other smartphone makers and banks.

“Procon has already acknowledged the existence of a gang of cell phone receivers whose main illegal activity is not the resale of cell phones, but the fraud of passwords for bank fraud. This is done thanks to an army of pirates, ”said Executive Director Fernando Capez.

According to Police Chief Roberto Monteiro, "thieves have noticed the amount of information people put on their phones." He says, “Usually Waze users in the car with an Android smartphone are their primary focus. Although breaking an iOS system is more difficult, they also specialize in this area.

The mystery in these cases, especially when it comes to a locked iPhone, is how the criminals manage to break the security of iOS and the bank.

Two of the banks cited in the article are Brazilian fintech Nubank and Itaú Unibanco, Brazil's largest banking institution, as well as the largest in Latin America. In response, both banks said they regularly work on security fixes and reinforce the importance of keeping the smartphone and apps up to date.

The Brazilian Banking Federation claims that all banking applications are secure, from development to use.

“To be able to use the banking applications, the use of the customer's personal password is mandatory. Application usage data, as well as the customer's password, are never stored by the bank's applications on customers' mobile phones, ”the note specifies.

As for iPhone users, the general advice is as follows: use Face ID or password on messaging apps, important notes, WhatsApp and cancel all cards as quickly as possible if they get hacked.

Check out 9to5Mac on YouTube for more Apple news: