Suspected Phishing Gang Chief Apprehended In Brazil

According to media reports, federal police in Brazil have arrested Valdir Paulo de Almeida, the suspected leader of a gang that stole USD 37 million from its victims’ online bank accounts. It is claimed that the gang, which included more than 18 people, stole from online banking customers using a Trojan horse sent to thousands of computers via email.

Sophos has previously identified a trend of Trojan horses being written specifically to target customers of Brazil’s online banking websites and believes that Trojans are increasingly being used as a phishing device to steal money. Once a computer is infected with a Trojan, internet activity is monitored and when a banking website is accessed, confidential data can be transferred to fraudsters.

“This is the latest arrest of phishers in Brazil – last year, more than 50 arrests were made and in February, a gang of four were arrested. It’s great that the Brazilian authorities are stamping down on internet fraudsters,” said Graham Cluley, senior technology consultant at Sophos. “Most computer users are aware of the threat from phishing emails that direct online bank users to fake websites, but some are still unaware of the threat from Trojans which can surreptitiously steal hard-earned cash without any warning. By protecting their PC with updated anti-virus software and a firewall, and exercising caution, computer users can continue to enjoy the benefits of banking online.”

The head of the police department in charge of internet fraud in Brazil’s state of Santa Catarina believes that Paulo de Almeida headed up one of Brazil’s biggest gangs: “They moved between 50 and 100 million reais (USD 18 million and USD 37 million) over the last two years… [and] sent over three million emails with Trojan horses per day.”

Sophos has produced a guide to help online bank customers avoid becoming victims of these phishing attacks. It is available to download free of charge at: http://www.sophos.com/spaminfo/bestpractice/phishing.html