Brazil’s criminal groups are weaponizing artificial intelligence (AI) to drive high-tech financial fraud, exploiting gaps in a fast-growing digital ecosystem as banks, legislators, and police scramble to keep up.
Even as street crime fell and Brazil’s homicide rate hit a decade low, cybercrime losses reached an estimated $54 billion in 2024 — about $1,000 per victim, according to the Global Anti-Scam Alliance.
SEE ALSO: Technology Is Increasingly at the Heart of Criminal Operations in Brazil
Connectivity is fueling the surge. With 86% of Brazilians online, roughly 217 million smartphone connections, 75% of banking transactions on mobile devices, and more than 70% enrolled in Gov.br, Brazil’s national digital ID platform, the country has become a goldmine for cybercriminals.
InSight Crime highlights three recent cases that show how Brazil’s widespread connectivity and AI tools enable cybercriminals to run increasingly sophisticated and lucrative operations.
Rio Ghost Riders
In August 2025, Rio de Janeiro police dismantled a fraud ring behind nearly 2,000 fake Uber trips. The group used AI-generated images to evade identity checks and create dozens of fake driver and passenger accounts, bypassing Uber’s verification systems.
Once the accounts were active, the fraudsters manually booked long rides with extra stops to inflate fares. The ghost “rider” would cancel the account before payment was processed, leaving Uber to pay the “drivers.” Stolen funds were then funneled through Pix, the instant payment system used by over 182 million Brazilians, and dispersed quickly across multiple accounts to evade detection, at least initially.
Pix handles more than 6 billion transactions a month — outpacing credit and debit cards combined. Its speed allows fraudsters to siphon funds before banks or investigators can react, making asset recovery extremely difficult.
SEE ALSO: Brazil’s Red Command Turned Turf Control Into Ride-Hailing Monopoly
Uber eventually uncovered the scheme. The company told InSight Crime that its anti-fraud team flagged the activity, alerted authorities, and is now cooperating with Rio police. Guilherme Gueiros, a criminal lawyer specializing in cybercrime, says Brazilian authorities had limited options without Uber’s cooperation. “It is the responsibility of companies like Uber, which must be aware of how their platforms can be manipulated… [only they have] the ability to detect and prevent such fraud,” he said.
The scale of the operation became clear after Rio police launched their investigation, which initially uncovered $21,240 in illicit profits. A full reconstruction of the transactions later revealed that a single suspect had moved $136,000 over just four months.
Deepfake Doctors
Ride-hailing fraud is just one facet of a broader shift. Criminal groups in Brazil are also using AI-generated deepfakes to forge synthetic identities and evade biometric safeguards in banking and government systems — enabling large-scale digital heists.
The threat made headlines in August 2025, when authorities shut down a small but sophisticated network operating in São Paulo, Espírito Santo, and Pará. Those arrested included a 44-year-old São Paulo man with prior fraud convictions who falsified documents and moved stolen funds; a 20-year-old in Pará who harvested sensitive data with WhatsApp bots; and a 29-year-old document forger in Espírito Santo.
The group targeted doctors from Rio Grande do Sul. After compromising their Gov.br accounts, they recruited lookalikes for photos and used AI to digitally alter the images, creating fake IDs that could bypass facial recognition safeguards.
SEE ALSO: Fraud Groups Use Deepfakes to Enhance Imitation Scams in Peru
The IDs were then used to open high-limit, often corporate, accounts to launder ill-gotten funds, discreetly funneling small amounts through multiple accounts and the Pix platform to evade detection.
Lax digital banking, Know-Your-Customer (KYC), and anti-money laundering rules in Brazil, combined with slow court procedures for accessing transaction data, let the fraudsters move cash in a few hours while investigators spent months trying to trace it, Gueiros told InSight Crime.
These systemic gaps led to immediate losses for victims: investigators confirmed the fraudsters attempted to divert about $130,000. The scheme only came to light when a doctor reported that his Gov.br account had been hacked.
Next-Level Phishing
While deepfake identity fraud is rising in Brazil, phishing remains the main method cybercriminals use to access accounts and devices. One of the oldest digital fraud tactics — dating back to the mid-1990s — phishing works by sending deceptive messages via email, text, or other channels with malicious links or attachments. By posing as trusted entities, criminals trick victims into installing malware that steals personal or financial data. It is often the first step in a larger cyberattack.
Phishing has been amplified by AI, which creates more convincing fake websites, automates mass distribution, accelerates content changes, and manipulates search results, overwhelming traditional takedown efforts.
A Brazilian group known as “PINEAPPLE” has used AI to escalate phishing campaigns. Leveraging cloud platforms and AI-assisted site impersonation, the group created convincing clones of official websites. In 2024, it mimicked Brazil’s tax authority, directing victims to a fake portal that delivered malware and harvested personal data when they attempted to download tax forms.
SEE ALSO: The Global Malware Menace Born in Brazil
In 2025, an unidentified group moved to fully AI-driven phishing attacks, using generative tools like DeepSite AI and BlackBox AI to craft hyperrealistic websites for Brazil’s traffic department and education ministry. They manipulated Search Engine Optimization (SEO) techniques, embedding keywords and metadata to ensure the malicious sites ranked at the top of users’ searches.
Victims were then lured into submitting personal data, including their Individual Taxpayer Registry (Cadastro de Pessoas Físicas, CPF) number, and were prompted to pay “fees” of about $16 via Pix. While individual losses were small, the campaign targeted roughly 10,000 people, potentially netting $160,000 in illicit gains. Beyond swindling victims, the fraud compromised sensitive government and banking systems.
No arrests have been reported so far, showing how quickly AI-driven fraud can outpace Brazil’s cybercrime agencies. In fact, US-based analysts at Zscaler ThreatLabz, rather than Brazilian officials, detected the scheme.
AI enhances phishing by facilitating social engineering—tricking people into revealing sensitive information, Gueiros notes. “AI is mainly used to fool people, to make them believe something is real when it isn’t,” he explains, allowing criminals to gather data and push victims into risky actions. It’s quicker and more cost-effective than breaching systems.
But AI tools are not the core problem: phishing still preys on human vulnerabilities. Training authorities in emerging cybercrime tactics can help investigations, Gueiros says, but “preventing fraud ultimately depends on improving digital literacy and educating the public to recognize and resist these scams.”
Featured image: Snapshots of AI-produced fake faces of doctors, based on lookalikes recruited by criminal groups in Rio Grande do Sul. Credit: RBS TV