In the past, police in Brazil have worked hard to put hacking gangs
behind bars.
Experts at SophosLabsâ„¢, Sophos's global
network of virus, spyware and spam analysis centers, have welcomed
the news that police in Brazil have arrested 55 people suspected of
being part of a gang which phished millions from online bank
accounts. Approximately 10 million reals ($4.6 million) is
estimated to have been stolen from innocent internet users.
The police swoop, which involved 330 members of the federal
police force, took place mostly in Campina Grande, in the state of
ParaÃba, some 1,100 miles north east of Rio. Other alleged members
of the gang are still being looked for by the authorities.
According to the police, the gang broke into approximately 200
accounts at six different banks, infecting internet users'
computers with spyware Trojan horses to steal confidential
information such as account numbers and passwords. The Trojan
horses were sent to online banking customers via email since May
2005.
According to a police statement, computers, cell phones, credit
cards and other materials have been confiscated and will be
examined as part of the investigation.
"Phishing is big business, and in recent years we have seen a
tidalwave of Trojan horses and other malware coming from Brazil
designed to spy upon users of internet bank websites," said
Graham Cluley,
senior technology consultant at Sophos. "The Brazilian police
should be congratulated for putting resource into investigating
these organised crime campaigns, and we hope this will send out a
strong message to others contemplating emptying online bank
accounts."
Sophos has expressed concern that the alleged leader of the gang
is said to be only 19 years old, and that nine others arrested so
far are minors.
"It's disturbing to see young people turning to internet crime
to make fast and easy money," continued Cluley. "Criminals are
writing more malware than ever before, designed to steal bank
account information from innocent computer users. All internet
users need to ensure their computers are properly defended with the
latest up-to-date protection software, and make sure they are not
putting themselves at risk."
More information about the arrests can be found on the Brazilian
Federal Police's website.
The British banking industry has published information about how
online bank customers can take steps to stay safe online at
www.banksafeonline.org.uk. The
Australian Bankers Association has also published
information about how consumers and small businesses can
protect themselves against online fraud.
Sophos recommends that companies protect their email with a
consolidated solution to thwart the virus
and spam threats as well as secure their desktop and servers with
automatically updated anti-virus protection. Additionally, computer
users should ensure they are defended by personal firewalls and the
latest Microsoft security patches.
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.