Christmas is coming, and what could be better this year than doing your Christmas shopping without having to leave home. All you need is a computer, an Internet connection and your credit card. Yet although this is one of the great benefits of the Web, it can also be the perfect trap: It gives certain types of criminals the chance to steal from a store’s customers without even going near the stop.

Stores’ Web pages receive their customers’ account details in order to complete the online transaction. If a cyber-criminal manages to access the store’s system, they would have access to this information and could exploit it to carry out their own transactions. To prevent this, you should make sure that the website interacts with the platform that your bank has set up in order to purchase online securely.

While such systems are at risk throughout the year, the Christmas period sees a lot more of this type of crime, given the amount of transactions that take place.

However, even if you go physically to the point-of-sale, there are still risks. In 2013, Target, the US retail chain, fell victim to an attack that leaked the credit card details of 40 million customers.

During the store’s Christmas campaign, cyber-criminals used a type of malware that targeted point-of-sale (POS) terminals, infecting the credit card payment systems. Since then, there have been many more such attacks, and the tools used are continually updated.

The strain of malware that hit Target was BlackPOS, a program that exploits a vulnerability to install on computers connected to POS terminals. It identifies the card reader process and steals information from the terminal memory with another malware: RAM Scraper.


This year another malicious code, FrameworkPOS, is doing the rounds. So far it has been used in attacks aimed at The Home Depot. With this system, cyber-criminals have managed to obtain the credit and debit card details of more than 50 million customers.

According to the Department of Homeland Security, as many as a thousand companies around the United States have been affected by another malicious code, dubbed Backoff, which targets POS terminals. Its effects are similar: It extracts data from the terminals’ memories to obtain card passwords. It infiltrates systems through the file ‘explorer.exe’.

Although there is little that customers can do about the malware that affects POS terminals, companies can take preventive measures. They should make sure that their antivirus solutions are up-to-date, use complex passwords on all devices, check their firewall and use encrypted data transfer systems.