The discovery of a cyber crime operation in Brazil that may have stolen billions of dollars from Internet users is likely the largest electronic theft ever reported, illustrating the immense scale of this growing criminal activity.

The scam — which was uncovered by RSA Security, part of the information technology company EMC Corporation — targeted up to an estimated $3.9 billion in online transactions, reported Reuters. It is unclear what portion was successfully stolen by the alleged criminals, but according to The New York Times even half the targeted value would make this the largest electronic theft on record.

The criminals allegedly targeted transactions made via Boleto Bancario — a popular online payment method in Brazil — by infecting computers with malware, reported IG Sao Paulo.

The malware entered computers via e-mails and redirected money from online transactions to bank accounts controlled by cyber criminals. 

According to RSA Security, the criminals are still active and may have started operating in late 2012. So far 192,227 people and 495,793 transactions have been affected.

InSight Crime Analysis

Cyber crime is growing quickly in Latin America, which is an attractive region for cyber criminals due to weaker electronic security measures and a growing number of Internet users.

Brazil has been one of the region’s hardest-hit countries, along with Mexico, Colombia and Argentina. According to a report published by RSA Security (pdf), Brazil was tenth in the world and second in Latin America for estimated losses from phishing — stealing financial or personal information online — which cost the country an estimated $86 million in 2013.

SEE ALSO: Brazil News and Profiles 

The growing popularity of online banking and electronic commerce and an estimated 107 million internet users — more than half the country’s population — have made Brazil especially vulnerable to cyber crime. According to the Brazilian Federation of Banks (Febraban), electronic crime costs the country around $700 million a year.

In response to the growing threat, Brazil implemented a new law in April 2013, which designated cyber crime as a criminal offense punishable by up to two years in prison. The law has been criticized for being too lenient, however, and some experts have warned that without greater regional cooperation, cyber criminals will simply target internet users in other countries. 

What are your thoughts?

Click here to send InSight Crime your comments.

We encourage readers to copy and distribute our work for non-commercial purposes, with attribution to InSight Crime in the byline and links to the original at both the top and bottom of the article. Check the Creative Commons website for more details of how to share our work, and please send us an email if you use an article.