According to Visa’s Payment Fraud Detection (PFD), cybercrime groups are targeting merchant point-of-sale (POS) systems to steal payment card details. What is surprising is that these groups are looking at gas station POS to carry out these attacks.
The PFD specifically identified two such attacks. In each of these cases, the hackers gained access to the POS networks through malicious emails and some other unknown means. The attack then moved on to installing POS scraping software in the system and used the lack of security to steal data from the mag stripe cards that do not have a chip.
Visa in its report said that its forensic analysis indicates that the attacks can be attributed to FIN8, a cybercrime group that has been active since at least 2016. The group has been known to target the POS environments of retail, hospitality and restaurant merchants to steal payment account data.
Visa has advised the Fuel dispenser merchants to “take note of this activity and deploy devices that support chip wherever possible, as this will significantly lower the likelihood of these attacks.”
It has further advised all merchants to secure their remote access with strong passwords, enabling EMV technologies, and monitoring network traffic.