Digital crime thrives in Brazil

Online cybercrime 'schools' and a vast array of products and services focused on those wishing to enter the life of digital crime are more easily available in Brazil than any other country, says study.

Brazil has a thriving scene of cybercrime online "schools" offering training programs as well as a vast array of services offering financial data obtained illegally, according to a recent study on the country's digital underworld.

According to the study "The Brazilian Underground Market - the Market for Cybercriminal Wannabes?" by Trend Micro, Brazil is the only country where training services are offered to budding criminals in such a comprehensive manner.

Anyone with basic computing skills can enter the cybercrime world through training offered online, with plenty of "how-to" videos and forums information is exchanged with peers, as well as specific theory-only or hands-on training services, with the option of full support when the training ends.

An example of training uncovered by the study is the sought-after topic of how to perpetrate bank fraud. Typically, cybercriminal wannabes learn the fraud workflow, then move on to how to use the tools needed to capture data at a cost of R$1.499 ($579).

Brazilian online thieves can also easily shop for products such as phishing tools, lists of usernames and passwords for eBay, PagSeguro (a Brazilian PayPal equivalent), Mercado Livre (the local version of eBay) and others, as well as credit card number generators and software that modifies information of bills paid online, therefore directing the funds to the criminal's account.

In addition, Brazilian cybercriminals offer an array of services such as malware-checking for as about R$30 ($12) for one month to R$150 ($58) for six months. Services, products and training can be paid for via bank deposits, PayPal transfers or bitcoins.

"Cybercrime in Brazil is increasingly developing. The supply of software, services and malicious malware is growing and prices are dropping. This survey serves as a warning to users about the problem of digital security and to the measures they should take in terms of their online behavior," says Fernando Mercês, researcher at Trend Micro.