Remember meForgot password?
    Log in with Twitter

article imageOp-Ed: Point of sale threats rising — What options do consumers have?

By Larry Alton     May 7, 2014 in Business
Point of sale (POS) attacks are spiking in 2014, and the year isn’t even halfway over. What can consumers do to address these growing threats?
According to Verizon’s Data Breach Investigations Report (DBIT), there are nine main patterns that data breaches follow. However, the top one is POS intrusions, likely because it’s the easiest for hackers and thieves to infiltrate. Already dubbed the Year of POS Attacks, 2014 might not be off to the greatest start, but there are lessons to be learned by every attack, which means you and your business don’t have to be next.
The first step in a POS attack is to compromise the actual device and install malware. This collects data from customers, retrieves it, and finally the thief can cash it all in. Of all the 2014 attacks so far, the motive has always been the same: financial. However, there’s also an element of “I told you so” and the thrill of instilling fear into consumers. While hackers don’t always steal actual money from customers, they do steal information to make identity theft feasible, which is a growing issue.
The biggest threats
Usually, organized crime rings or hackers are at the core of such attacks, many of them based in Eastern Europe. These are highly skilled criminals who are good at what they do. The attacks all have similar approaches, but there’s some creativity when it comes to the actual tackling of POS systems. The Director of Security Research at Lancope, Tom Cross, says that POS terminals which are connected directly to the Internet are the easiest targets, which is one reason why online POS software is becoming increasingly more popular.
Cross says, “In the past year, we know that POS malware was used in much more sophisticated attacks against larger, better defended retail establishments. This process mirrors what we expect to see with other kinds of embedded systems associated with the "Internet of Things.” In other words, criminals are getting smarter and if you’re sticking with the low hanging fruit of direct-connect POS systems, it is the very definition of insanity. That’s what makes 2014 the year of moving to POS mobile software.
Fear of the unknown
Many small business owners shy away from POS mobile software because it “doesn’t seem as safe” when that’s actually not the case. Another common mistake is using POS for activities besides actually processing sales. POS systems are being used for personal things, for reaching out to customers, and are basically being charged with the ultimate in multi-tasking. The head of Malware Intelligence at MalwareBytes, Adam Kujawa, notes that “It’s necessary to understand the risks they (business owners) take when doing so from a company computer.”
Every time a POS system is used, there’s the risk of phishing, malware, and other exploits with social media being an exceptionally hot spot for such activity. Ensure those privacy setting are up to snuff on Facebook, but also remember that just one piece of data might be the missing link criminals need to take advantage of your customers. To stay protected, choose highly reputable and tested POS software and get your systems regularly tested by a professional.
This opinion article was written by an independent writer. The opinions and views expressed herein are those of the author and are not necessarily intended to reflect those of
More about point of sale, Security, Threats
Latest News
Top News