The discovery of a cyber crime operation in Brazil that may have stolen billions of dollars from Internet users is likely the largest electronic theft ever reported, illustrating the immense scale of this growing criminal activity.
The scam — which was uncovered by RSA Security, part of the information technology company EMC Corporation — targeted up to an estimated $3.9 billion in online transactions, reported Reuters. It is unclear what portion was successfully stolen by the alleged criminals, but according to The New York Times even half the targeted value would make this the largest electronic theft on record.
The criminals allegedly targeted transactions made via Boleto Bancario — a popular online payment method in Brazil — by infecting computers with malware, reported IG Sao Paulo.
The malware entered computers via e-mails and redirected money from online transactions to bank accounts controlled by cyber criminals.
According to RSA Security, the criminals are still active and may have started operating in late 2012. So far 192,227 people and 495,793 transactions have been affected.
InSight Crime Analysis
Brazil has been one of the region’s hardest-hit countries, along with Mexico, Colombia and Argentina. According to a report published by RSA Security (pdf), Brazil was tenth in the world and second in Latin America for estimated losses from phishing — stealing financial or personal information online — which cost the country an estimated $86 million in 2013.
SEE ALSO: Brazil News and Profiles
The growing popularity of online banking and electronic commerce and an estimated 107 million internet users — more than half the country’s population — have made Brazil especially vulnerable to cyber crime. According to the Brazilian Federation of Banks (Febraban), electronic crime costs the country around $700 million a year.
In response to the growing threat, Brazil implemented a new law in April 2013, which designated cyber crime as a criminal offense punishable by up to two years in prison. The law has been criticized for being too lenient, however, and some experts have warned that without greater regional cooperation, cyber criminals will simply target internet users in other countries.