Unless you live in New York or Chicago, the chances of you pumping gas on a regular basis are quite high – and the possibility of hackers stealing your credit card information might be high too, according to VISA. The California-based multinational financial services corporation company recently issued a security alert warning to the public. Its fraud detection team has identified a recent increase in cybercrime involving point-of-sale (POS) systems used in compromised brick-and-mortar businesses. According to the statement made by VISA, due to the high volume of customers and outdated cybersecurity techniques, fuel dispenser merchants have become an attractive target for hackers wanting to steal credit card information.
A high-percentage of pump stations in the USA use outdated technology and are an easy target for bad actors who often can work their way in the networks used by those types of businesses. In the warning, the VISA’s fraud team described three incidents involving POS systems. The first two unique attacks include gas stations, and the third one is from the hospitality industry. Since the issue is ongoing, the card-issuing company did not share the names of the possible affected companies but did not shy away from mentioning one of the cybercrime organizations that are behind some of the attacks – FIN8.
According to the financial services corporation, FIN8 is a money-driven threat group that has been active for more than three years. The cybercrime organization’s primary goal is to harvest payment account data by hacking merchants from the retail, restaurant, and hospitality industries.
How do hackers manage to get into systems?
Experts say that hackers are using phishing schemes where gas-station employees are targeted. When a gas-station employee opens an email containing a malicious link, this leads to a back-door software installed on the system. It is then easy for hackers to get access to all the data stored on the local servers that include names and card numbers. Once in the hands of the bad actors, the information could be used to drain accounts or to be sold on the dark web so others can take care of the stealing.
How do hackers manage to get into systems?
If driving an electric car is not an option for your taste or financial status, there are a few things you can do to avoid getting scammed by cybercriminals:
- Check out the card reader before you insert the card
If you see anything suspicious on the card reader report it to an employee or the police. Even if you are not sure that what you see is a skimming device, it is always better to share your concerns than just ignoring them.
- Use credit cards instead of debit cards
Most of the time, financial organizations offer protection that would cover any damages caused by fraudulent transactions on a credit card. However, if hackers manage to steal money from a debit card banks may not be as helpful in returning the money.
- Keep an eye on recent transactions
Your internet banking would allow you to spot any transaction that you do not recognize and flag any money movement on your account. Your card issuer will be happy to deactivate the compromised card and overnight you a new one immediately.
- Antivirus software
Cyber protection can often detect if there has been any unusual activity on any of your accounts or prevent you from opening phishing emails that would expose you or your loved ones to hackers. Being protected is no longer a luxury but a necessity.
- Shop at gas stations that use chip readers to accept payments
If you like using mom and pop gas stations, now might be a good time to stop pumping there. It may be a few cents cheaper, but the less-secure mag-stripe readers might be exposing your credit card information to bad actors. There is a reason why VISA will require POS to use chip readers by October 2020. After that, any stations without the new technology will be liable for any fraud.
VISA did not confirm how many people have been affected and how big are the merchants whose systems have been compromised. However, it is worth mentioning that every day millions of Americans go to gas stations that do not yet use the chip and pin readers – the card details of the very same millions of US residents are stored on such local servers that could be attacked at any time.