PaymentsJournal
SUBSCRIBE
  • Analysts Coverage
  • Truth In Data
  • Podcasts
  • Videos
  • Industry Opinions
  • News
  • Resources
No Result
View All Result
PaymentsJournal
  • Analysts Coverage
  • Truth In Data
  • Podcasts
  • Videos
  • Industry Opinions
  • News
  • Resources
No Result
View All Result
PaymentsJournal
No Result
View All Result

Retail Systems Under Attack

Raymond Pucci by Raymond Pucci
March 30, 2016
in Analysts Coverage
0

Chatbot.

0
SHARES
0
VIEWS
Share on FacebookShare on TwitterShare on LinkedIn

Just when we thought retail POS systems had become more secure from cybercriminals, we are learning that may not be the case. Cyber security software developer, FireEye, is reporting that many types of malware are still being found on merchants’ payments processing systems.

Cybercriminals are redoubling efforts to steal payment card details from retailers before new defenses are put in place, according to FireEye. More than a dozen types of malware were found last year that target point-of-sale systems, the electronic cash registers the process payments at many retailers.

Over the last few years, hackers have successfully breached the systems, targeting weaknesses or software vulnerabilities in order to extract card details to sell on the black market.

Major retailers affected by card breaches in the last few years, including Target, have upgraded their systems. But the cost and long delays in getting new systems certified have delayed the transition, leaving a windows for cybercriminals.

Nart Villeneuve, a senior threat intelligence researcher with FireEye, wrote on Monday that more than a dozen malware families that target POS systems were found last year.

“Criminals appear to be racing to infected POS systems in the United States before U.S. retailers complete this transition,” Villeneuve wrote.

In response, card issuers and banks have improved their ability to identify and block potentially fraudulent transactions. But the potential windfall has criminals working overtime.

Villeneuve described a new type of POS malware called Treasurehunt, which steals payment card data from a computer’s memory.

“In a typical scenario, Treasurehunt would be implanted on a POS system through the use of previously stolen credentials or through brute forcing common passwords that allow access to poorly secured POS systems,” he wrote.

Both the EMV transition and card-not-present issues may have distracted us from the payments security risks still present in merchants’ point-of-sale systems. Those risks have not gone away despite more sophisticated cyber security measures. Not surprisingly, the malware has become smarter too, and fraudsters will typically gravitate to mass retailers’ credit card databases—because that’s where the money is.

Overview by Raymond Pucci, Associate Director, Research Service at Mercator Advisory Group

Read the full story here

0
SHARES
0
VIEWS
Share on FacebookShare on TwitterShare on LinkedIn

    Analyst Coverage, Payments Data, and News Delivered Daily

    Sign up for the PaymentsJournal Newsletter to get exclusive insight and data from Javelin Strategy & Research analysts and industry professionals.

    Must Reads

    cashless payments

    Exploring The Future of Cashless Payments

    June 8, 2023
    debit cards, Gen Z

    Debit Builds Consumer Loyalty Among Gen Z and Other Top Demographics

    June 7, 2023
    check fraud

    Check Fraud: The Threat is Real

    June 6, 2023
    smart banking

    Smart(er) Banking Requires More Than Just Tech

    June 5, 2023
    Google Wallet Expands Features

    Google Wallet Continues to Bet on Digital with Expanded Features

    June 2, 2023
    digital value

    How Embracing Digital Value Can Help Solve the B2C Payments Conundrum

    June 1, 2023
    instant payments, real-time payments, RTP

    Banks Developing Instant Payments Products in the U.S. Should Focus on Billers to Generate New Revenue Streams  

    May 31, 2023
    Digital Wallet Use Delivers on Convenience and Security

    Digital Wallet Use Delivers on Convenience and Security

    May 30, 2023

    Linkedin-in Twitter

    Advertise With Us | About Us | Terms of Use | Privacy Policy | Subscribe
    ©2023 PaymentsJournal.com

    • Analysts Coverage
    • Truth In Data
    • Podcasts
    • Videos
    Menu
    • Analysts Coverage
    • Truth In Data
    • Podcasts
    • Videos
    • Industry Opinions
    • Recent News
    • Resources
    Menu
    • Industry Opinions
    • Recent News
    • Resources
    • Analysts Coverage
    • Truth In Data
    • Podcasts
    • Industry Opinions
    • Faster Payments
    • News
    • Jobs
    • Events
    No Result
    View All Result