Types of Point of Sale Attacks
Point of sale attacks are seemingly popping up everywhere. There have been many severe data breaches from large corporations, making it even scarier to consider what could happen. At Comodo, we believe that POS security is necessary and important, so we have come up with the three most popular attacks on point-of-sale systems to help you understand the difficulties better. They include:
- Memory Dumpers
- Network Sniffers
Point of sale attacks can be part of a keylogger situation, where they place devices on the system or use malicious code to read all the information that is typed or input. This can also include card readers, so when the card is swiped, it will steal the information before it can be encrypted.
With this attack, the attacker compromises the payment system remotely, installs malware to record keystrokes and credit-card swipes and then steals user credentials and other information or records it. Sometimes, they can even capture screenshots of your computer and then the information can be relayed back to the attacker.
Attacks on point-of-sale systems can also be achieved with memory dumpers. When any card is swiped, track data is stored in memory for a second until it is sent to the payment application. Most encryption doesn’t start until it is sent to the payment application, so in that split second it is in the memory, the attacker can steal the information.
Point of sale attacks can also use network sniffers, which can be installed on the POS system. All the hacker has to do is place the NIC into promiscuous mode so that the network sniffer can monitor traffic on that area of the system. The information can be copied from data packets and sent back to the hacker. Contact us today if you’d like to learn more about these attacks and how to prevent them.