Celebrating ten years of the Fraud Catalogue, RNP has launched a new version of the tool, which acts as a repository of messages classified as fraudulent and serves as a source of information for all of Brazil. Today, there are over 12,000 samples of virtual frauds available for consultation, catalogued in several categories, such as banks and financial institutions, e-commerce, social media, government, among others.

The Fraud Catalogue was created in 2008 by the RNP’s Security Incident Response Centre (CAIS), initially to clarify the academic community's doubts about the main scams on the Internet. Over time, the service has become an important repository of messages classified as phishing, to help raise awareness and protect users against this type of scam, which aims to obtain personal data or download malicious files and can cause financial losses and damage the image of people and companies.

The manager of CAIS/RNP, Edilson Lima, highlights the scope of the tool. "We are talking about a system capable of serving several audiences, not restricted to the academic or research community. It (the Catalogue) may interest the technical and scientific public or the end-user. It's a repository of frauds spread by e-mail, the phishing”, he explains.

Emails are collected daily by sensors or reported by users themselves. Each fraud goes through a screening process that eliminates spam (usually advertising and unwanted messages) and the foreign scams, maintaining only the national frauds. From there, these messages are rated and treated for posting in the catalogue.

In the new version, in addition to the technological update in the internal components of the catalogue, the system has gained a new search-indexing scheme that allows locating messages by subject, related mark or parts of the message content. It has also gained an area that provides updated statistics on frauds collected - by rating, period and type - and an area of response to most frequently asked questions.

Users can use the tool to search whether an email is fraudulent or not, or even to submit a suspicious message. "The phishing registered on the platform also serve to update security blacklists with samples of malware, URL and malicious IPs. With this, we hope to offer society a support tool in the fight against cybercrime and awareness in digital security", Edilson adds.

To report a suspicious message, send an e-mail to phishing@cais.rnp.br.

The new Fraud Catalogue of RNP is available at catalogodefraudes.rnp.br.