Gov.br Phishing Scams: How to Spot Fake Government Notifications in Brazil
Learn how scammers impersonate Brazil's Gov.br portal through fake SMS, emails, and WhatsApp messages. Verify legitimate government communications and protect your CPF.
Gov.br Phishing Scams: How to Spot Fake Government Notifications in Brazil
Brazil's Gov.br portal is the centralized digital gateway for over 150 million citizens to access government services — from tax filing to social benefits, driver's licenses, and retirement claims. That centrality makes it one of the most impersonated platforms in the country. Scammers craft convincing fake notifications to steal CPF numbers, Gov.br login credentials, and personal data.
Here is how to recognize and avoid Gov.br phishing attacks.
How Gov.br Phishing Scams Work
1. Fake SMS Notifications
You receive a text message claiming to be from the federal government. Common lures include:
- "Your CPF has been suspended. Regularize at: [malicious link]"
- "You have a pending tax refund. Confirm your data: [link]"
- "Your CNH (driver's license) will be canceled. Update now: [link]"
The link leads to a fake Gov.br login page designed to steal your credentials.
2. Phishing Emails from "Receita Federal"
Emails that look like they come from Brazil's tax authority arrive during tax season and throughout the year. They may reference your real name or partial CPF number (obtained from data breaches) to appear legitimate.
3. Fake WhatsApp Messages
Scammers send WhatsApp messages impersonating government agencies, often using official-looking profile pictures and formatting. They claim you need to update your registration, verify your identity, or pay a fine to avoid legal consequences.
4. Fake Gov.br Login Pages
Phishing websites replicate the Gov.br login interface pixel-by-pixel. When you enter your CPF and password, the credentials go straight to the attacker, who then uses them to access your real Gov.br account.
5. Fake App Store Listings
Fraudulent apps that imitate the official Gov.br app appear in app stores. These apps request excessive permissions and steal personal data, sometimes even installing additional malware.
Red Flags to Watch For
| Red Flag | What It Looks Like | Reality |
|---|---|---|
| Urgency | "Your CPF will be blocked in 24 hours" | Gov.br does not threaten via SMS |
| Suspicious URL | gov-br-update.com, govbr.link | Real URL is always gov.br |
| Request for password | "Confirm your Gov.br password" | Gov.br never asks for passwords via message |
| Payment demand | "Pay R$XX to avoid penalty" | Government fines come through official channels |
| WhatsApp contact | Message from unknown number | Gov.br does not initiate WhatsApp contact |
| Grammar errors | Misspellings, odd formatting | Official communications are professionally written |
How to Verify Legitimate Gov.br Communications
Check the URL Carefully
The official Gov.br domain is always gov.br. Any variation — gov-br.com, govbr.org, governo-federal.com — is fake. When you need to access government services, type gov.br directly into your browser. Never click links from messages.
Use the Official Gov.br App
Download the Gov.br app only from the official Apple App Store or Google Play Store. Check that the developer is listed as "Governo do Brasil" and that it has millions of downloads.
Verify Through Official Channels
If you receive a notification claiming to require action:
- Do not click any links in the message
- Open the Gov.br app or website directly
- Log in to check for any actual pending notifications
- If uncertain, call the government service center at 156 or visit a local Poupatempo/INSS office
Check Your Gov.br Account Activity
The Gov.br portal shows your recent login history. Check it periodically:
- Log in at gov.br
- Go to your account settings
- Review recent access and connected devices
- Revoke any sessions you do not recognize
Protecting Your CPF
Your CPF (Cadastro de Pessoas Fisicas) is the key to your digital identity in Brazil. Scammers who steal your CPF can:
- Open bank accounts in your name
- Apply for loans and credit cards
- Access your government benefits
- File fraudulent tax returns
- Register phone lines for further scams
CPF Protection Steps
- Enable CPF alerts through Serasa and SPC Brasil to monitor usage
- Never share your CPF through unencrypted messages
- Check your CPF status regularly at the Receita Federal website
- Use two-factor authentication on your Gov.br account (the app supports biometric login)
- Report unauthorized use immediately through the Receita Federal
When you need to share your CPF or other government document numbers with a trusted party — such as an accountant, lawyer, or employer — do not send them via plain WhatsApp or email. Use LOCK.PUB to create a password-protected link that expires after viewing. This ensures your sensitive government ID numbers are not sitting permanently in someone's chat history.
What to Do If You Fell for a Gov.br Phishing Scam
- Change your Gov.br password immediately at the official gov.br website
- Enable two-factor authentication if you have not already
- Check your account for unauthorized changes or benefit claims
- File a police report (Boletim de Ocorrencia) online
- Report the phishing to CERT.br (cert@cert.br) and to the platform where you received the message
- Monitor your CPF through Serasa for any new registrations
Common Gov.br Phishing Scenarios
The "Suspended CPF" Scam
You receive an SMS: "Receita Federal: CPF 123.456.XXX-XX irregular. Regularize to avoid blocking: [link]." The partial CPF makes it seem real — but this data was obtained from a breach. The link leads to a fake page that collects your full information.
The "Digital Vaccine Card" Scam
Messages claim you need to update your digital vaccination records or lose access to services. The link installs malware or redirects to a credential-harvesting page.
The "Pending Benefit" Scam
A message says you have an unclaimed benefit — FGTS withdrawal, tax refund, or social program payment. You just need to "verify your identity" by entering your Gov.br credentials on a fake page.
Share Government Documents Safely
When you need to send copies of your RG, CPF, CNH, or other government documents to someone, think carefully about the channel:
| Channel | Risk Level | Why |
|---|---|---|
| Plain email | High | Can be intercepted, stays forever in inbox |
| Medium | Screenshots possible, chat history persists | |
| SMS | High | No encryption, easily intercepted |
| LOCK.PUB | Low | Password-protected, auto-expires, no trace |
Conclusion
Gov.br phishing is a growing threat because scammers know that Brazilians depend on government digital services for essential parts of daily life. The best defense is simple: never click links in messages claiming to be from the government. Always access Gov.br directly, enable two-factor authentication, and share sensitive documents only through secure, encrypted channels.
Protect your CPF and government credentials. Visit LOCK.PUB to share sensitive documents through free password-protected, expiring links.
Keywords
You might also like
Mobile Payment Fraud Prevention — Keep Apple Pay & Google Pay Safe
Mobile payment fraud is rising fast. Learn how to protect your Apple Pay, Google Pay, and Venmo accounts from unauthorized charges, phishing, and account takeovers.
Side Hustle Scams — How Fake Job Offers on Social Media Steal Your Money
Social media is flooded with fake side hustle offers promising easy money. Learn how these scams work, the warning signs, and how to protect yourself.
Boleto Fraud in Brazil: How to Spot Fake Boletos Before You Pay
Learn how scammers create fake boletos in Brazil and how to verify legitimate payment slips. Complete checklist to protect yourself from boleto bancario fraud.
Create your password-protected link now
Create password-protected links, secret memos, and encrypted chats for free.
Get Started Free