Know that your POS is an especially attractive target for cyber thieves. Stolen credit card info has a limited shelf life as credit card companies quickly identify suspicious spending. As such, thieves are always on the lookout for new numbers and a POS is an optimal place for them to mine.
In fact a 2015 report stated that the estimated financial loss from 700 million compromised records was $400 million. POS Security - The cost of attacks that compromised 700 million records in 2015 is estimated at $400 million.
For large businesses there is a huge loss of reputation and loss of sales, while many small businesses do not recover from the cost of this type of hack and can even go out of business. Remember that it's a business owner’s responsibility to ensure that they provide their customers with a secure shopping environment.
Knowing what you are up against is always helpful and below we go over some of the latest POS malware and threats to watch out for in 2015.
The Malum POS attack is unique in that it can be reconfigured by cyber thieves to breach a wide variety of POS systems. MalumPoS targets Oracle Forms, Shift4 systems, and those accessed via Internet Explorer. Once installed in a POS system, the malware disguises itself as “the “NVIDIA Display Driver” or displays as “NVIDIA Display Driv3r”. The familiarity of NVIDIA components to regular users may make the malware seem harmless, however that’s far from the truth. MalumPoS selectively looks for any data on Visa, MasterCard, American Express, Discover, and Diner's Club cards and is very configurable in order to evolve further.
vSkimmer targets POS systems using Windows OS to steal credit card information. It infects itself in the file ‘iexplorer.exe’, and stays active by rewriting in the registry key, and then hijacks credit card data and transfers it to a command-and-control server. That’s all really technical, but bottom-line is that the attack takes over a core part of Internet Explorer on windows machines.
BlackPOS (a.k.a “Kaptoxa”) targets POS systems with card readers running Windows. BlackPOS discovers systems through automated Internet scans and then compromises them through weak remote administration credentials or unpatched vulnerabilities. It scans for Track 1 and Track 2 formatted data, and stores it in a file called ‘output.txt’, before uploading it to a compromised server. This was the malware discovered on Target and Home Depot’s POS systems last year.
What To Do Now?
As a business owner you are required to be PCI compliant as part of protecting your business from malware and other threats.
PCI compliance is a set of requirements designed to ensure that all companies that process, store, or transmit credit card information maintain a secure environment. Additionally, as of October 2015 you also now have to meet Europay, Mastercard, and Visa (EMV) standards which entails a shift from processing and accepting magnetic-stripe credit cards to using safer chip-and-pin cards.
POS malware can target your system at any time if you don’t think about security.
Make sure you follow these 5 tips to keep your POS secure:
- Pick an advanced POS, such as Vexilor, that works via the cloud and doesn’t store credit card data on the hardware itself - making it very hard to hack.
- Train your staff to recognize suspicious updates on the POS so they do not accidentally download malware.
- Prevent unauthorized downloads on the POS via employee web browsing with a that forbids internet browsing or that limits visits to approved sites only.
- Remember that Windows is a popular target for POS attacks, so look at non-Windows-based POS systems.
- Make sure your POS is up to date with the latest security patches, and choose a POS provider who has a history of providing a secure and modern POS.