This study addresses the escalating sophistication of fraud threats targeting Brazil’s Pix instant payment system, identifying and classifying dominant fraud types and revealing an evolutionary shift from conventional social engineering toward AI-augmented, human-technology hybrid attacks. Employing a mixed-methods approach—integrating structured literature review with in-depth interviews with banking experts—the research establishes, for the first time, a Pix-specific fraud taxonomy comprising six canonical fraud patterns, including novel AI-driven techniques such as voice cloning and real-time phishing. The core contribution is a “Dynamic Defense–User Awareness” integrated framework, which synergizes adaptive technical countermeasures with tiered financial literacy initiatives. The findings yield actionable detection, response, and prevention strategies for financial institutions and regulatory authorities, substantially enhancing resilience against intelligent financial fraud. (149 words)

This work presents a review of attack methodologies targeting Pix, the instant payment system launched by the Central Bank of Brazil in 2020. The study aims to identify and classify the main types of fraud affecting users and financial institutions, highlighting the evolution and increasing sophistication of these techniques. The methodology combines a structured literature review with exploratory interviews conducted with professionals from the banking sector. The results show that fraud schemes have evolved from purely social engineering approaches to hybrid strategies that integrate human manipulation with technical exploitation. The study concludes that security measures must advance at the same pace as the growing complexity of attack methodologies, with particular emphasis on adaptive defenses and continuous user awareness.