02 Oct 2014

Share

Offline danger from online threat

Duncan Alfreds, Fin24

Cape Town - The offline world may be subject to an online threat that targets financial information, a security firm has reported.

According to Kaspersky Lab, malware that infects a popular payment system may have dire implications for the offline world.

The scam works by infecting the Boletos system of financial transactions popular in Brazil. Criminals discreetly change payment credentials and redirect money from legitimate accounts.

"In particular they change the bar code and ID code to redirect a payment to a different banking account. Most people would struggle to notice these changes until it’s too late, and that's how the whole scam works: Victims unknowingly transfer the money to a fraudster's bank account when they think they are paying for a legitimate deal," Kaspersky said.

The scheme, while limited to Brazil, potentially could be used to target virtual payment systems anywhere in the world, especially where people are unaware of the risks of transacting online.

Formal economy

Kaspersky found that criminals have been using malware to compromise the payment system since at least 2013 and there is evidence that millions of dollars have been siphoned from people's accounts.

The cyber criminals have also managed to spread the malware through official channels, making it difficult for authorities to trace those responsible.

"In addition criminals were spotted using malicious browser extensions for Chrome, which were successfully distributed through the official Chrome Web Store, and extensions for Firefox," said Kaspersky.

Companies in South Africa and other developing nations have looked to virtual payment services as a way of bringing more people into the formal economy and making it easier to conduct financial transactions.

However, if criminals were able to compromise such a system, it could severely erode trust in the platform.

To protect against the risk, Kaspersky advised companies to issues server generated PDF Boletos rather than HTML ones which could be subject to tampering by criminals.

End users of any virtual payment should carefully examine all documentation and assume suspicion of e-mailed financial documents.


- Follow Duncan on Twitter

We live in a world where facts and fiction get blurred
Who we choose to trust can have a profound impact on our lives. Join thousands of devoted South Africans who look to News24 to bring them news they can trust every day. As we celebrate 25 years, become a News24 subscriber as we strive to keep you informed, inspired and empowered.
Join News24 today
Read more on:
kaspersky labcybercrime
heading
description
username
Show Comments ()
Rand - Dollar
19.20
-0.2%
Rand - Pound
23.83
-0.0%
Rand - Euro
20.42
-0.1%
Rand - Aus dollar
12.30
+0.0%
Rand - Yen
0.12
-0.4%
Platinum
948.30
-0.2%
Palladium
1,022.50
-0.7%
Gold
2,382.34
+0.1%
Silver
28.34
+0.4%
Brent Crude
87.11
-0.2%
Top 40
67,190
0.0%
All Share
73,271
0.0%
Resource 10
63,297
0.0%
Industrial 25
98,419
0.0%
Financial 15
15,480
0.0%
All JSE data delayed by at least 15 minutes Iress logo
Company Snapshot
Partner Content
Embrace your creativity

09 Apr

Embrace your creativity
Students, it’s time to get the best laptop and deal on Mac at iStore

05 Apr

Students, it’s time to get the best laptop and deal on Mac at iStore
Sunrises, Narnia, and hobbit money – 10 fun reasons you need to visit New Zealand

19 Mar

Sunrises, Narnia, and hobbit money – 10 fun reasons you need to visit New Zealand
Beauty24 | Let’s debunk these common skincare myths

28 Mar

Beauty24 | Let’s debunk these common skincare myths
Find more
Editorial feedback and complaints

Contact the public editor with feedback for our journalists, complaints, queries or suggestions about articles on News24.

LEARN MORE
Government tenders

Find public sector tender opportunities in South Africa here.

Government tenders
This portal provides access to information on all tenders made by all public sector organisations in all spheres of government.
Browse tenders
GooglePlayLink HuaweiGalleryLink AppleStoreLink
© 2024 (3.0.24094.4) 24.com. All rights reserved.
Terms and Conditions Media24 Privacy Policy Vulnerability Disclosure
Contact us Help with my subscription
Iab Logo