The New York Times has reported that the Department of Homeland Security has expanded its estimate of businesses affected by the Trojan.backoff Point of Sale malware. Over 1000 total businesses in the U.S. are reported to have been affected, up from around 600, which was reported earlier this month. Dubbed “Backoff”, this Trojan malware steals customer payment details through remote access applications.
This kind of activity appears to be growing. Identity theft, according to the Bureau of Justice Statistics, affected 16.6 million people in 2012. Hackers sell credit card data in underground markets. Credit card data is used to produce fake credit cards, or make online purchases.
How Can Retailers Protect Customers?
According to Symantec security expert, Kevin Haley, a properly configured endpoint protection product can block even the most dogged attacker, especially when it comes to a POS system. As a device with limited functionality, a POS is easier to secure than a PC with email and web-browsing capabilities.
Multi-Layered Protection
Symantec Endpoint Protection 12.1 includes System Lockdown, Application Control, Device Control and Firewall capabilities, providing multiple layers of protection to maximize security. These tools allow you to minimize the attack surface by limiting the specific applications running on the system, as well as regulate which devices and applications are allowed to access the network. Limiting applications and network accessibility on the machines can render malware useless.
Existing SEP customers can optimize their POS protection by following our guide, available here.
For more important links to help safeguard your business, please visit:
Upgrading to SEP 12
How To Secure your Mobile POS Devices
Secure Your Point Of Sale System
How Can Customers Protect Their Information?
Most customers no longer carry cash everywhere they go, so it is important that they are equipped with the information to help them to keep their finances safe.
Here are a few key tips for consumers:
- Sign up for online access to credit card accounts via the credit card company’s website, or download the app.
- Track online transactions and regularly verify purchases.
- Report any suspicious transactions to a credit card company immediately. In most cases, fraudulent charges can be reversed, and the account frozen to prevent any further theft.