Visa experts warned that gas stations in North America are increasingly being attacked with the goal of installing PoS malware. So, two such cases were reported in November and December of the current year, and in total, the company’s security service investigated at least five such incidents in 2019.
Let me remind you that PoS malware constantly monitors the contents of the RAM of an infected machine in order to extract unencrypted payment card data from there, which are collected and then downloaded to a remote attacker server.
The situation is complicated by the fact that PoS terminals in stores currently often support chip-and-PIN transactions, but most devices installed at gas stations cannot boast of this. Card readers work there according to old technology, which allows you to read data for payment only from the magnetic strip of the card. As a result, the data in unencrypted form is transmitted to the main network of gas stations, where fraudsters can intercept them.
According to Visa, a wave of attacks on gas stations began this summer. It is believed that two of the five attacks known to researchers were related by a major cybercrime operation, known as FIN8.
Visa experts believe that to protect their customers, gas station owners need to either encrypt card data when they are transmitted over the network and stored in memory, or switch to using chip-and-PIN, which will significantly reduce the risks and likelihood of such attacks. For this, the gas station operators have time until October 2020, after this period the responsibility for any card fraud will fall on the shoulders of the vendors themselves.