Income Tax: Can the declaration deadline increase the risk of scams?

A Teltec Data specialist warns that the success of frauds this season does not depend on complex technologies, but on the exploitation of triggers such as authority, artificial intelligence, urgency, and the fear of tax audits to create impeccable bait.

5 minutes readPublished on 20/05/2026By teltec data

Income Tax: Can the declaration deadline increase the risk of scams?

With the opening of the Income Tax declaration season, the digital risk landscape in Brazil gains an extra layer, requiring increasing attention from individuals and companies. However, contrary to popular belief, the threat goes far beyond sophisticated malicious codes.

For Teltec Data, the real danger lies in the combination of a high volume of sensitive interactions, people's emotional state, and the use of Artificial Intelligence to refine the persuasion of taxpayers.

"During the Income Tax season, the risk does not change because of technology; it changes because of behavior and context. The period concentrates more haste and anxiety, as deadlines and the fear of making mistakes cause most people to click on links without verifying," explains Frankllin Nunes, Global Head of Architecture at Teltec Data.

According to the executive, cybercriminals no longer need to 'invent' a pretext for the attack. 'In the Income Tax context, the pretext already exists, and any message about pending issues, refunds, or fines seems much more plausible. This drastically increases the rates of malicious clicks and downloads.'

According to Teltec Data's diagnosis, attack tactics in 2026 are refined to overcome the user's critical sense through four classic triggers: the urgency to 'resolve it quickly', the fear of authority (Federal Revenue), the lack of technical knowledge about the rules, and the excessive trust in messages that replicate official channels.

"The common point of these patterns is that the attacker exploits three points of attention: authority, urgency, and reward. I often say that the criminal does not defeat security; he defeats the user's attention," reinforces Nunes.

The warning goes beyond immediate financial loss. According to the company, the theft of declaration documents, receipts, and income reports fuels an identity fraud industry that can last for years. With access to email, which the executive classifies as the 'master key of digital life', and to the CPF, criminals can open accounts, simulate identities, and carry out secondary scams on family members and companies for a long time.

"Income Tax documents become ammunition for years: it's not just today's scam; it's future fraud happening with your data. The attacker always bets that you will choose convenience over verification, and usually, he is right!" warns Frankllin.

Most Common Scams in 2026

Teltec Data has mapped the patterns that repeat the most this season:

Convenience phishing: sites that imitate e-CAC or refund portals, with layouts identical to the official ones, to capture credentials from gov.br.

Payment fraud: tampering with PDFs of guides and Pix QR Codes, where the beneficiary is switched to the criminal's account at the time of document closure.

The 'fake accountant': messages via WhatsApp requesting selfies, tokens, or remote access to 'confirm data' or 'avoid blocks'.

'Optimized' installers: offers of 'lighter' or 'faster' versions of the Income Tax program that actually carry spyware for banking monitoring.

Critical Recommendations for Companies and Offices

HR and finance departments become central targets due to the intense traffic of income reports. Teltec Data's recommendation is straightforward: less is more.

Unique formal channels: abandon the use of personal WhatsApp for exchanging sensitive documents.

Dual voice validation: any urgent request, change of account for refunds, or sending tokens must be confirmed by phone call.

Minimum privilege: restrict who can access, download, or share folders containing Income Tax documents.

Digital hygiene: use multi-factor authentication (MFA) mandatorily and avoid using the same Income Tax email account for registrations on random sites.

"In 2026, thanks to the help of artificial intelligence, the most dangerous scam is not the most 'technical': it is the most convincing, the one that seems official, arrives at the right time, and takes advantage of your desire to finish the process as quickly as possible," concludes the executive.