PSA: Visa is warning folks about hackers stealing credit card details from gas pumps
Surprisingly, this isn’t a card skimmer, but an advanced phishing scheme.
Local gas stations can be an awfully sketchy spot in any neighborhood. But, instead of looking out for attendants overcharging you, there’s another part of the payment process that customers need to look out for. A recent report from Visa’s fraud detection system found that cybercriminals have been obtaining payment card details from those purchasing gas.
Visa found that the main entry point for hackers is gas stations that have point of sale (POS) systems without chip readers. These are older, less-secure point of purchase readers and don’t have any real type of security. Thus, making these easy targets for hackers.
“Fuel dispenser merchants should take note of this activity and deploy devices that support chip-and-pin wherever possible, as this will significantly lower the likelihood of these attacks.”
Sometimes when you are on the go and in need of gas, stopping by a local gas station is necessary, but, these shops may be equipped with those old school hardware systems. So, you may be taking a huge risk without realizing it.
Visa finds that gas stations with unsecure POS systems can be susceptible to hacks
The group responsible for these ongoing attacks is a hacking group known as FIN8. The team started in 2016 and specifically targets stores and restaurants with unguarded POS systems. How they have been going about these gas station attacks is by sending a malicious email with an equally malicious link. If anyone is familiar with cybersecurity in any capacity, this is how a typical phishing attack starts.
The email will be sent to gas station employees and, if clicked, a remote access trojan (RAT) will start to snag information to get into the network. Finally, with those credentials, credit and debit card numbers can be taken.
In order to prevent further attacks, Visa advises all gas stations to start installing chip and PIN readers within the next year.
What do you think? Surprised that credit card information can be stolen in this manner? Let us know down below in the comments or carry the discussion over to our Twitter or Facebook.
- A new report tells us less than 10% of Americans are buying $1,000+ smartphones
- So apparently Samsung HASN’T sold one million Galaxy Folds
- Hackers now have dedicated software that helps them break into Ring security cameras
- Tech Hangover: Google has mapped a whole bunch of the world