Card fraud up while keyloggers grow in sophistication

7 Apr 2010

Credit and debit card issuer Visa has issued an alert warning all retailers that trojan-driven keylogger incidents are on the rise, with Windows-based terminals being particularly vulnerable.

The rising number of keylogger attacks on retailers’ till terminals is due to the fact that many units are Windows-driven and therefore susceptible to the same type of malware infections as office and home PCs.

“Trojan-driven keylogger attacks have been on the rise for home and office PC users for some time, but companies and home users are getting wise to the problem and are installing IT security software on their machines,” said Mickey Boodaei, CEO of the browser security and fraud prevention specialist Trusteer.

“For retailers, however, the problem is more complex, as many of their terminals are subject to leasing and maintenance contracts, meaning that they tend to rely on the supplier/maintainer for their IT security protection,” he added.

However, Boodaei advises retailers not to be afraid of checking with their till terminal supplier about issues such as IT security. With significant new penalties regarding data leaks and breaches, retailers accepting card payments from their customers need to be aware of their options.

Consumers should also take precautions against keyloggers, the Trusteer CEO went on to say, as criminals are increasingly targeting payment card information on the internet.

Variants of malware

Many malware variants collect card data as customers type it in while making a purchase online, he explained, adding that more sophisticated malware can also change payment pages on websites, asking for additional card and personal information. 

“Our research team have also come across malware variants that steal card information when you log onto your bank account. They frequently change the login page to request your card information and then send this information on to the criminals,” he said.

According to Boodaei, the increasing sophistication of cyber criminals looking to rip retailers and their card-carrying customers off is a problem that will not go away because, as existing avenues of card fraud are closed off, cyber criminals will attempt to open new ones up.

“Unfortunately, keyloggers are an ideal vehicle for card fraud, as they allow fraudsters to radiate trojans out via sophisticated bulk emailers and sit back for unwary recipients to click on the links and unwittingly install the keylogging malware on their Windows-driven machines,” he said.

“Consumers can do their part by installing a browser add-in, such as Trusteer’s Rapport software, which is offered as a free download by banks such as HSBC, RBS/NatWest and the Santander Group. Retailers, meanwhile, should contact their till terminal supplier for advice on their own IT security options,” he added.

By John Kennedy

Photo: Visa is warning retailers that trojan-driven keylogger incidents are on the rise

John Kennedy is a journalist who served as editor of Silicon Republic for 17 years
