Point of Sale Malware Attacks Explained - #30SecTech
Author: SavvyMediaGal27 Employee Posted: 02-Dec-2014 | 12:09PM · Edited: 13-Aug-2015 | 4:02PM · 0 Comments · Translation:
As consumers around the country get ready for another holiday shopping season, hackers are likely gearing up with Point-of-Sale (POS) malware kits. Over the past year many US retailers—big and small—fell victim to mega-breaches that compromised approximately 100 million payment cards, potentially affecting about one-third of US consumers. Some retailers have taken measures to secure their POS terminals, but until a complete transition to more secure payment technologies is made, many retailers are still vulnerable to POS attacks. Therefore, it is up to consumers to remain vigilant against this type of fraud in order to stay protected.
What is a point-of-sale (PoS) breach?
A POS breach is an attack that is executed to steal the 16-digit credit card numbers of retail customers. Once these credit card numbers have been stolen, they often end up in underground markets for sale, where thieves pay up to $100 apiece. The information that is purchased can be used to make fake credit cards. Contrary to common belief, POS breaches happen most often to small and medium-sized businesses because their POS systems are easier to compromise than those of larger retailers.
How is a POS system attacked?
Typically, POS attacks are multi-staged operations, first gaining access to the victim’s network in order to enter the POS systems. Once access is gained to the POS system, the malware is installed, allowing the captured information to be exported from the retailer’s network to the hacker.
There are various ways that an attacker can gain access to a business network. One way is by exploring weaknesses within the network systems to implant malicious code. Another way is by sending a malicious attachment or link in a spear-phishing email to an individual within the organization, infecting that individual’s computer and allowing the cyber criminals access to the network.
The most widely used POS malware, BlackPOS, was found for sale in the underground market for $2,000—a small investment for a venture that can bring in millions in profit from a successful operation. This malware is capable of capturing payment card details during the short moment after a card is swiped because the card details are briefly stored in the terminal’s memory while the information is transmitted to the payment processor. This method, known as “memory scraping”, is the data-stealing technique behind most of the major POS breaches of 2013 and 2014.
Risks for consumers
Norton Security software helps protect your credit card information while it’s on your computer; however, once you hand it over to a merchant, you are depending on their security measures to protect your data. So remember, if you plan to pay with credit cards this holiday season at brick and mortars, keep a watchful eye and regularly check your credit card activity.
How to stay protected?
The best way to stay protected is to stay alert. Check your credit card statement regularly. Report any strange or fraudulent activity to your financial institution as soon as you notice it to ensure you get your money back. Follow these five precautions to remain protected against credit card fraud:
- Sign up for online access to your credit card account via the credit card company’s website, or download their app. If the financial companies you do business with offers email or text activity alerts, sign up for them.
- Keep track of your card statement, and be sure to verify all posted transactions. Criminals often make small transactions to test if the card is still usable, such as a $1 charitable donation.
- Report any suspicious transactions to your credit card company immediately. If you discover a fraudulent charge, in most cases, the charge can be reversed, and your account will be frozen to prevent any further fraudulent activity.
- In the event another breach occurs, and if you are consumer with the company that suffers a breach, closely monitor your financial accounts. Even if you do not notice any fraudulent activity immediately, that doesn’t mean that you are safe. It’s common for thieves to hold on to stolen credit card numbers to evade immediate detection. That means it could be months before they actually make a purchase.
- Always guard your personal information such as your address, Social Security number, and date of birth, and PIN codes. These details can be used defeat additional security checks, and even facilitate identity theft.
Data Breach - The Best Defense is Vigilance
POS Malware Data Breaches and Why They Keep Happening
POS malware: Potent threat remains for retailers
'Backoff' Malware Steals Customer Credit Cards From 600 Stores