Panda Security today announced the findings from its multi-year security assessment of business services for U.S. immigrants. Panda Security analyzed these multiservice businesses, which U.S. immigrants primarily use to send money back to their home countries (transfers known as remittances), and found them to be severely lacking in security measures and at extremely high risk for cybercriminal activity such as illegal interception of money wire transfers, as well as credit card and identity fraud. You can obtain a free copy of the entire report and findings from Panda Security's multi-year study by contacting

According to U.S. Immigration Support, it is estimated that worldwide remittances amount to more than $126 billion and have become a considerable force in the economy of many countries. Last year alone, Mexico received more than $17 billion in remittances through U.S.-based workers, the highest of all countries. Since these offices cater to the immigrant population, they are primarily located in geographic regions that contain a high concentration of Hispanic workers. Panda Security's multi-year assessment focused on the greater Los Angeles, Calif. and Las Vegas, Nev. regions and encompassed an observation of over 300 locations and approximately 1,500 computers, representing an estimated 0.45 percent of all multiservice businesses nationwide. Panda Security was granted access at each site and conducted assessments, interviews with the business owners, and an investigation of the network security measures in place within each operation.

The Findings and Threats

The results are alarming and indicate that these businesses, numbering approximately 66,000 in the U.S. alone, are at very high risk for cybercrime security breaches and theft. Surprisingly, the computers present in these offices are typically consumer-grade Dell personal computers with very few enhancements or software additions. In repeated visits over the past two years, Panda Security consistently found that trial antivirus software on these machines had long since expired and that any kind of proactive security measure was viewed as an unnecessary business expense. At least 30 percent of the 1,500 computers directly observed had outdated antivirus software and an alarming 60 percent were actively infected.

In addition, employees at these businesses are frequently minimum-wage young adults who spend time chatting, using peer-to-peer networks and visiting chat sites on the very same computers that store sensitive data such as social security numbers, DMV records, tax records and credit card information. This combination of lack of maintenance, low security consciousness and end-user behavior results in highly vulnerable systems that are very easy for cybercriminals to infiltrate.

Since approximately 80 percent of the machines studied are being used for remittances and money transfer to immigrants' home countries, analysis of the security assessments conducted over a two-year period found that each network computer is at extremely high risk for cybercriminal activity. All of these risk exposures significantly increase the probability that criminals can successfully intercept authorized remittances to beneficiaries in Mexico via the following tactics:

  • A Trojan / Keylogger can be installed on the target computer (either through a targeted phishing attack or other means of malware infection) capable of capturing screen information and/or taking details directly from the browser session via a sophisticated HTML injection. This would be facilitated by high-risk behavior of the people who operate the terminals and poor security standards, such as trial antivirus software and infrequent system maintenance.
  • A terminal operator who authenticates with a Web-based transfer system can then initiate a wire transfer on behalf of the client (who has appeared in person at the location in the USA). The information regarding the transfer is typically visible on their screen as is the PIN number, beneficiary name and bank/branch where the money will be available. The money is available as early as 15 - 45 minutes on the receiving end and service bureaus watch to see if multiple small