Panda Security Reveals Alarming Findings From Multi-Year Security Assessment of Business Services for U.S. Immigrants

December 11, 2008

GLENDALE, Calif., Dec. 11 /PRNewswire/ — Panda Security, a world leader
in IT security, today announced the findings from its multi-year security
assessment of business services for U.S. immigrants. These multiservice
businesses, primarily used by U.S. immigrants to send money back to their home
countries, also known as remittances, were analyzed by Panda Security and were
found to be severely lacking in security measures and at extremely high risk
for cybercriminal activity such as illegal interception of money wire
transfers, as well as credit card and identity fraud. To obtain a free copy of
the entire report and findings from Panda Security’s multi-year study please
contact CriticalAlert@us.pandasecurity.com.

According to U.S. Immigration Support, it is estimated that worldwide
remittances amount to more than $126 billion and have become a considerable
force in the economy of many countries. Last year alone, Mexico received more
than $17 billion in remittances through U.S. based workers, the highest of all
countries.(1) Since these offices cater to the immigrant population, they are
primarily located in geographic regions that contain a high concentration of
Hispanic workers. Panda Security’s multi-year assessment focused on the
greater Los Angeles, Calif. and Las Vegas, Nev. regions and encompassed an
observation of over 300 locations and approximately 1500 computers,
representing an estimated 0.45 percent of all multiservice businesses
nationwide. Panda Security was granted access at each site and conducted
assessments, interviews with the business owners, and an investigation of the
network security measures in place within each operation.

The Findings and Threats

The results are alarming and deduce that these businesses, numbering
approximately 66,000 in the U.S. alone, are at very high risk for cybercrime
security breaches and theft. Surprisingly, the computers present in these
offices are typically consumer grade Dell personal computers with very few
enhancements or software additions. In repeated visits over the past two
years, Panda Security consistently found that trial antivirus software on
these machines had long since expired and any kind of proactive security
measure was viewed as an unnecessary business expense. At least 30 percent of
the 1500 computers directly observed had outdated antivirus software and an
alarming 60 percent were actively infected.

In addition, employees at these businesses are frequently minimum wage
young adults who spend time chatting, using peer-to-peer networks and visiting
chat sites on the very same computers that store sensitive data such as social
security numbers, DMV records, tax records and credit card information. This
combination of lack of maintenance, low security consciousness and end user
behavior result in highly vulnerable systems that are very easy for
cybercriminals to infiltrate.

Since approximately 80 percent of the machines that Panda Security studied
are being used for remittances and money transfer to immigrants’ home
countries, analysis of the security assessments conducted over a two year
period found that each network computer is at extremely high risk for
cybercriminal activity. All of these risk exposures significantly increase the
probability for criminals to successfully intercept authorized remittances to
beneficiaries in Mexico via the following tactics:

— A Trojan / Keylogger can be installed on the target computer (either
through a targeted phishing attack or other means of malware infection)
capable of capturing screen information and/or taking details directly from
the browser session via a sophisticated HTML injection. This would be
facilitated by high-risk behavior of the people who operate the terminals and
poor security standards, such as trial antivirus software and infrequent
system maintenance.

— A terminal operator who authenticates with a Web-based transfer system
can then initiate a wire transfer on behalf of the client (who has appeared in
person at the location in the USA). The information regarding the transfer is
typically visible on their screen as is the PIN number, beneficiary name and
bank/branch where the money will be available. The money is available as early
as 15 – 45 minutes on the receiving end and service bureaus watch to see if
multiple small transactions to the same beneficiary occur. On a compromised
machine, all of this required information can be obtained instantaneously and
the cybercriminal can determine whether or not to strike, depending on dollar

— False identification bearing the name of the recipient or beneficiary
can be created in a matter of minutes and a mule with false identification can
be sent to pick up the funds. Due to advanced dye sublimation card printing
technologies and corrupt government employees, high quality false documents
made with real substrate can be available in mere minutes. In one popular wire
transfer service that makes wire pickup available in a large Mexican national
bank the beneficiary does not even need to pick up at the designated branch.

“By targeting businesses geared towards immigrants’ needs, cybercriminals
are picking an easy target and taking advantage of computer systems that have
little to no barriers to entry,” said Carlos Zevallos, Security Evangelist and
lead researcher of this project. “The lack of education on the part of these
business owners coupled with the sheer vulnerability of their networks is
creating the biggest potential in cybercriminal gain we’ve seen yet. If
security measures aren’t put in place immediately on these networks, we as a
country could stand to lose millions of additional dollars due to cybercrime

Preventing and Protecting

For all businesses geared towards U.S. immigrants whose systems are
vulnerable to attack, Panda Security recommends the following protocol:

1. Make sure you have an up-to-date anti-malware suite and set it to scan

2. Make yourself aware of the security practices put into place before
conducting your business. Panda Security suggests using FDIC accredited banks
or Western Union because they have higher security standards than most
multiservice businesses.

Panda Security is offering complimentary security consultation and
certification for businesses in need of assistance. For businesses affected by
these security problems (this includes check cashing and money transfer
locations), please visit http://us.pandasecurity.com/criticalalert/ to receive
assistance from the Panda Security Critical Situation Line. In addition
businesses can scan and disinfect their PCs for free with Panda ActiveScan
2.0; please visit this website for the free services:

About Panda Security

Panda Security is one of the world’s leading IT security providers, with
millions of clients around the globe and products available in over twenty
languages. Our mission is to keep our customers’ information and IT assets
safe from security threats, giving them the most effective protection with the
minimum resource consumption.

Every day, thousands of new malicious codes are created. To combat this
threat, Panda Security has developed an innovative and unique security model
which can automatically analyze and classify thousands of new malware samples.
This model is collective intelligence and ensures that Panda Security
solutions can protect against far more threats than the products of any other
company. The exceptional detection capacity of collective intelligence can be
put to the test at the Infected or Not website (http://www.infectedornot.com).

For more information and evaluation versions of all Panda Security
solutions, visit our website at: http://www.pandasecurity.com/

(1) http://www.usimmigrationsupport.org/immigrants_send_money_home.html

SOURCE Panda Security

Source: newswire

comments powered by Disqus