According to media reports, federal police in Brazil have
arrested Valdir Paulo de Almeida, the suspected leader of a gang
that stole $37 million from its victims' online bank accounts. It
is claimed that the gang, which included more than 18 people, stole
from online banking customers using a Trojan horse sent to
thousands of computers via email.
Sophos has previously identified a trend of Trojan horses being
written specifically to target customers of Brazil's online banking
websites and believes that Trojans are increasingly being used as a
phishing device to steal money. Once a computer is infected with a
Trojan, internet activity is monitored and when a banking website
is accessed, confidential data can be transferred to
fraudsters.
"This is the latest arrest of phishers in Brazil - last year,
more than 50 arrests were made and in February, a gang of four were
arrested. It's great that the Brazilian authorities are stamping
down on internet fraudsters," said Graham Cluley, senior
technology consultant at Sophos. "Most computer users are aware of
the threat from phishing emails that direct online bank users to
fake websites, but some are still unaware of the threat from
Trojans which can surreptitiously steal hard-earned cash without
any warning. By protecting their PC with updated anti-virus
software and a firewall, and exercising caution, computer users can
continue to enjoy the benefits of banking online."
The head of the police department in charge of internet fraud in
Brazil's state of Santa Catarina believes that Paulo de Almeida
headed up one of Brazil's biggest gangs: "They moved between 50 and
100 million reais ($18 million and $37 million) over the last two
years... [and] sent over three million emails with Trojan horses
per day."
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.