Point of sale (PoS) systems are payment devices that are used at almost any store. Depending on the number of purchases or bookings, these machines have eased the job of retailers by simplifying the money collection process. Recently, they have been modified to allow customers to swipe a credit card, insert a chip-based card or tap a card or their mobile device in order to ease the process of payment.
Along with good things come the bad and PoS systems are no exception. While these internet-connected devices have simplified the payment process for retailers, they have also opened doors for new threats from cybercriminals.
The common attack method
PoS malware designed to steal information on payment cards from PoS systems has become a common cybercrime against the hospitality sector and restaurant chains.
To initiate an attack, malware such as TinyPoS and DMSniff are deployed on a PoS terminal of the targeted organization. Later the malware steals the information entered on the terminal and transmits it to a cybercriminal via the internet.
Look back to PoS attacks from 2019
Mexican restaurant chain ‘On The Border’ was compromised after attackers accessed payment card details of customers through malware installed on payment processing systems at some of its locations. The incident occurred between April 10 and August 10, 2019. The compromised information included customers’ names, credit card numbers, expiration dates, and verification codes.
Catch Hospitality Group, announced that its restaurants Catch NYC and Catch Roof were compromised from March 19 through October 17 of this year. The PoS malware used in the attack was capable of obtaining payment card information including the name of the cardholder as well as the card numbers, expiration date, and internal verification code.
Four restaurant chains in the U.S - McAlister’s Deli, Moe’s Southwest Grill, Schlotzsky’s, and Hy-Vee - had suffered payment card theft after hackers compromised their payment systems using PoS malware. The attack had occurred between April 29, 2019, and July 22, 2019.
North Country Business Products (NCBP), a Minnesota-based provider of PoS products announced a massive breach that affected nearly 140 bars, restaurants, and coffee shops across the US. The PoS malware used in the attack was designed to harvest cardholder name, credit card number, expiration date, and CVV.
Protection against PoS malware