It could be the biggest cyber scam ever and the Brazilian banking system is paying for it. According to the experts of RSA security - a US company specializing in computer security - in the last two years approximately 3,7 billion US dollars have been stolen from Brazilian banks. The machination, in fact, targets a payment system, called Boleto, in use by all banks in the country and regulated by Febraban, the Federation of Brazilian banks.
The Boleto, very popular and used daily throughout Brazil, is accessible online and can be used for many different types of payments. The malware, the effects of which were reported in 2012, has already affected more than 192 computers and resulted in 495 fraudulent transactions. Bolware – as it has been called by RSA analysts – masks transactions, making it difficult for consumers to trace the fraud.
And all this despite the fact that Brazilian banks have allocated substantial investments to enhance security, using sophisticated anti-malware measures. But the Bolware gang was more skilful, constantly changing the look of their product and posting 19 different versions on the net. Gary Davis, a researcher at McAfee, another US company active in the antivirus field, observed that Bolware is transmitted via simple phishing techniques, a type of computer fraud aimed at obtaining sensitive personal data such as passwords, credit, etc.
"The reliability of these messages," says Davis, "is such that any user of the network can fall into the trap."
