One of the most dangerous places in America is your local retailer. Before you leave the building with your purchases, you run the risk of having your identity stolen.
No doubt you recall the 2013 security breaches at Target, Michael’s, and Neiman Marcus where millions of records were compromised by Point-of-Sale (PoS) attacks. PoS occurs when the customer makes a payment to the merchant. That last exchange is the most vulnerable.
Large retail merchants lead the list by 50% of organizations where consumers’ data was compromised in 2013, followed by credit card issuers and consumer banks, according to the #DataInsecurity Report done by the National Consumers League, in cooperation with Javelin Strategy & Research. The #DataInsecurity Report also revealed that 61% of data breach victims reported the breached information was used to commit fraud against them.
This should not come as a surprise. According to the Nilson Report, approximately $4 trillion dollars was paid with credit, debit, and prepaid cards in the U.S. last year. Add to that the ready availability of code to execute PoS attacks available on underground forums and you have the perfect storm of a large victim pool for cybercriminals. The U.S. is an easy target since EMV cards (cards with chips embedded) have not been widely adopted. EMV, conceived between Europay, MasterCard and Visa, is a standard securing payments in other countries.
Cybercriminals don’t care about the size of your business
Although most of the PoS attacks highlighted in the media were against large retailers, cybercrooks don’t care how large or small your business is. You would think they would, but cybercriminals are more interested in raking in the money rather than caring about the fame they could possibly receive from attacking a large and popular business. Regardless of its size, if your business has a PoS system to charge customers for products or services, you should be protecting your system to save yourself from a possible attack. PoS attacks not only steal valuable customer information, they can damage your business’s reputation.
The #DataInsecurity Report shows that only 10% of retail fraud victims are confident that retailers can protect their information in the future.
How PoS attacks work
The biggest PoS Trojans, like Dexter, BlackPOS, Minerva, and vSkimmer, have targeted systems and networks running Windows. Read more…