: TA14-002A: Malware Targeting Point of Sale Systems

[]

POS System Owner Best Practices

Owners and operators of POS systems should follow best practices to increase the security of POS systems and prevent unauthorized access.

• Use Strong Passwords: During the installation of POS systems, installers often use the default passwords for simplicity on initial setup. Unfortunately, the default passwords can be easily obtained online by cybercriminals. It is highly recommended that business owners change passwords to their POS systems on a regular basis, using unique account names and complex passwords.
• Update POS Software Applications: Ensure that POS software applications are using the latest updated software applications and software application patches. POS systems, in the same way as computers, are vulnerable to malware attacks when required updates are not downloaded and installed on a timely basis.
• Install a Firewall: Firewalls should be utilized to protect POS systems from outside attacks. A firewall can prevent unauthorized access to, or from, a private network by screening out traffic from hackers, viruses, worms, or other types of malware specifically designed to compromise a POS system.
• Use Antivirus: Antivirus programs work to recognize software that fits its current definition of being malicious and attempts to restrict that malware's access to the systems. It is important to continually update the antivirus programs for them to be effective on a POS network.
• Restrict Access to Internet: Restrict access to POS system computers or terminals to prevent users from accidentally exposing the POS system to security threats existing on the internet. POS systems should only be utilized online to conduct POS related activities and not for general internet use.
• Disallow Remote Access: Remote access allows a user to log into a system as an authorized user without being physically present. Cyber Criminals can exploit remote access configurations on POS systems to gain access to these networks. To prevent unauthorized access, it is important to disallow remote access to the POS network at all times.

Consumer Remediation

Fraudulent charges to a credit card can often be remediated quickly by the issuing financial institution with little to no impact on the consumer. However, unauthorized withdrawals from a debit card (which is tied to a checking account) could have a cascading impact to include bounced checks and late-payment fees.

Consumers should routinely change debit card PINs. Contact or visit your financial institutions website to learn more about available fraud liability protection programs for your debit and credit card accounts. Some institutions offer debit card protections similar to or the same as credit card protections.

If consumers have a reason to believe their credit or debit card information has been compromised, several cautionary steps to protect funds and prevent identity theft include changing online passwords and PINs used at ATMs and POS systems; requesting a replacement card; monitoring account activity closely; and placing a security freeze on all three national credit reports (Equifax, Experian and TransUnion). A freeze will block access to your credit file by lenders you do not already do business with. Under federal law, consumers are also entitled to one free copy of their credit report every twelve months through AnnualCreditReport.com.

Consumers may also contact the Federal Trade Commission (FTC) at (877) 438-4338 or via their website at www.consumer.gov/idtheft or law enforcement to report incidents of identity theft.

Tweet