Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor

Visa Issues Till Terminal Keylogger Threat Warning To Retailers

Trusteer : 06 April, 2010  (Technical Article)
Increased incidences of card fraud using information gained from keylogging transaction terminals requires retailers to maintain security levels of their IT equipment to prevent malware infection
Payment card servicing firm Visa has issued an alert to its transaction processing members and their clients - retailers of all sizes - that trojan-driven Keylogger incidents are on the rise. According to Trusteer, the rising number of Keylogger attacks on retailers' till terminals is due to the fact that many units are Windows-driven and therefore susceptible to the same type of malware infections as office and home PCs.

'Trojan-driven Keylogger attacks have been on the rise for home and office PC users for some time, but companies and home users are getting wise to the problem and are installing IT security software on their machines,' said Mickey Boodaei, CEO of the browser security and fraud prevention specialist.

'For retailers, however, the problem is more complex, as many of their terminals are subject to leasing and maintenance contracts, meaning that they tend to rely on the supplier/maintained for their IT security protection,' he added.

However, Boodaei advises retailers not to be afraid of checking with their till terminal supplier about issues such as IT security, as with significant new penalties from the Information Commissioner's Office (ICO) regarding data leaks and breaches, retailers accepting card payments from their customers need to aware of their options.

Consumers should also take precautions against keyloggers, the Trusteer CEO went on to say, as criminals are increasingly targeting payment card information on the Internet.

Many malware variants collect card data as customers type it in while making a purchase online, he explained, adding that more sophisticated malware can also change payment pages on Web sites asking for additional card and personal information.

'Our research team have also come across malware variants that steal card information when you log onto your bank account. They frequently change the login page to request your card information and then send this information on to the criminals,' he said.

According to Boodaei, the increasing sophistication of cybercriminals looking to rip retailers and their card-carrying customers off is a problem that will not go away because, as existing avenues of card fraud are closed off, cybercriminals will attempt to open new ones up.

'Unfortunately, keyloggers are an ideal vehicle for card fraud, as they allow fraudsters to radiate trojans out via sophisticated bulk emailers and sit back for unwary recipients to click on the links and unwittingly install the keylogging malware on their Windows-driven machines,' he said.

'Consumers can do their part by installing a browser add-in such as Trusteer's Rapport software, which is offered as a free download by banks such as HSBC, RBS/NatWest and the Santander Group. Retailers, meanwhile, should contact their till terminal supplier for advice on their own IT security options,' he added.
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo