A Taxonomy of Pix Fraud in Brazil: Attack Methodologies, AI-Driven Amplification, and Defensive Strategies
This work addresses fraud risks for users and financial institutions in Brazil's Pix system, but it is incremental as it primarily reviews and classifies existing attack methods.
The study reviewed fraud attack methodologies targeting Brazil's Pix instant payment system, finding that fraud schemes have evolved from social engineering to hybrid strategies integrating human manipulation and technical exploitation.
This work presents a review of attack methodologies targeting Pix, the instant payment system launched by the Central Bank of Brazil in 2020. The study aims to identify and classify the main types of fraud affecting users and financial institutions, highlighting the evolution and increasing sophistication of these techniques. The methodology combines a structured literature review with exploratory interviews conducted with professionals from the banking sector. The results show that fraud schemes have evolved from purely social engineering approaches to hybrid strategies that integrate human manipulation with technical exploitation. The study concludes that security measures must advance at the same pace as the growing complexity of attack methodologies, with particular emphasis on adaptive defenses and continuous user awareness.