/i.s3.glbimg.com/v1/AUTH_1f551ea7087a47f39ead75f64041559a/internal_photos/bs/2023/o/f/PWy6jxSeCxux1GWVkI0g/favicon.png){kind=small}
Overview
- Brazil’s management ministry published instructions for people who lose access to their gov.br account, urging victims to treat it like document theft and to file a police report.
- Recovery through the “forgot my password” flow with facial recognition keeps the account’s prior security level, while recovery by phone or email downgrades the profile to bronze.
- After regaining control, users are told to change the password, check recent logins, and block any unknown device recorded by the platform.
- Recent reports describe fake gov.br pages that use urgent messages to lure clicks and steal CPF, passwords, and one-time codes, which can be used to attempt access to INSS, tax filings, benefits, and digital documents.
- Authorities stress prevention for a gateway used by 176 million people across more than 4,600 federal services, noting no evidence of a platform breach and warning that social engineering remains the main risk.