The Good Night Cinderella Threat to Corporate Data

Scammers in Brazil continue to show an unfortunate amount of creativity. From supposed inheritances to PIX “refunds” to fake Brazilian lawyers, the risk facing American investors is real, and what’s at stake can be substantial. The immediate loss may be money, but the larger risk may be access.

The latest example is the “Boa Noite, Cinderela” (“Good Night, Cinderella”) scam. The expression is commonly used in Brazil for schemes in which a victim is drugged through a spiked drink in a bar or other social setting. But the scam isn’t limited to that fact pattern.

More recently, a businessman in Santos allegedly lost more than BRL$130,000 (approximately US$25,000) after meeting someone at a commercial establishment, returning with that person to his apartment, and losing consciousness. The reported losses included unauthorized bank transfers made directly from the victim’s cell phone.

While this case involved personal losses, the more uncomfortable question for American companies is what else could have been accessed or taken. If the victim had been a business owner, executive, or employee, a compromised phone, laptop, or cloud account could have exposed company banking details, client communications, and other confidential or sensitive information that could be used for extortion, impersonation, or follow-on fraud.

For international travelers, safety isn’t just about being careful in bars or when walking around at night. The same risks can follow business travelers into meetings and routine transactions. In a market where scammers are this creative, doing business requires staying vigilant at all times.