Dear Black Bag Confidential Reader,
It’s to be expected that during this busy holiday season, lots of people will be making multiple purchases at retail stores with credit or debit cards.
What most people don’t realize is that one of the most vulnerable points of any transaction is the moment you check out. In fact, in the past two years, over 100 million payment cards have been breached by point-of-sale attacks.
Unfortunately, this type of theft will continue to rise as hackers become more sophisticated. And since stolen credit card numbers can be worth up to $135, criminals endeavor to hack as many point-of-sale systems as possible.
The scariest part is this is rather easy to do.
Here’s how it happens: Hackers will target a specific retail location with malware that can read the memory of a specific device.
This software infiltrates the store’s payment processing system — using spam emails, searching for the stores online login credentials or by tapping a third party that has access to the store’s payment system.
The task of hacking is made all the easier because most retail stores have their point-of-sale systems connected to their main computer network, which they also use for accessing email, searching the internet and a variety of other day-to-day operations.
These attacks actually began by accident — hackers were infecting store computers with malware and realized they could gain information from the point-of-sale devices.
This year, credit card companies have tried to reduce point-of-sale thefts by adding chips to all credit and debit cards. Even with the increased security measures, point-of-sale attacks will continue as cybercriminals figure out ways to get around them.
The main problem is that no matter what credit card companies do, devices in retail stores will always be connected to the internet or some network of computers, which makes them vulnerable.
This type of cybercrime has become so easy and automated that a hacker can attack thousands of point-of sale-devices at a time, which increases their odds of gaining access and stealing information.
Unfortunately, as consumers, this type of theft is out of our control. The responsibility of implementing security protocol to prevent these attacks sits squarely on the shoulders of the retailers. Retailers should always make sure their security updates are completed and current on their point-of-sale devices. Retailers should also make sure their devices are not connected to the internet. Instead, they should be connected only to a specific host network.
Even though you can’t control what precautions a retailer takes, there are three easy things you can do to protect yourself from point-of-sale hacks:
- Remember the old saying, cash is king. If you pay in cash, then you’ve got nothing to worry about. Similarly, in the world of espionage, you always pay in cash so there’s never a paper trail.
- Review your credit card statements each month. Immediately call your credit card company if you don’t recognize a transaction or if anything looks suspicious.
- Put a freeze on your credit report. If hackers do acquire your personal information, they can’t go around making big purchases — like buying a house or a car — using your credit.
If you’re a subscriber to my Spy & Survival Briefing, click here for a special report that gives step-by-step instructions on how to put a freeze on your credit.
If you’re not yet a subscriber, click here to sign up. As we get closer to the holidays, point-of-sale attacks will become more and more frequent. You should do everything in your power to ensure your information is protected — so don’t delay.
Stay safe,
Jason Hanson
