Payment processing company Visa reported that attackers at gas pumps intercept credit card data from point-of-sale networks, which are becoming increasingly attractive targets for such cybercrime organizations due to their lack of safe recognition software.
Visa said its Payment Fraud Disruption or PFD teams detected three separate threats targeting point-of-sale retailer or POS networks expected to be carried out by advanced cybercrime organizations in the summer of 2019. Two of the attacks targeted North American fuel dispenser merchants ‘ POS systems.
Forensic analysis of the targeted networks, according to Visa, suggested that the assaults on the fuel dispenser merchants will possibly be traced to a cybercrime group known as FIN8.
The firm indicated that since at least 2016, FIN8 has been an aggressive hacker group that often targets shopping, hotel, and hospitality merchants ‘ POS environments to steal payment account data.
Visa’s security alert said hackers first gained access to the fuel dispenser merchants ‘ POS networks by phishing emails with malicious links that enabled hackers with network access once pressed. They then conducted corporate network identification and acquired passwords and used them to acquire lateral access to the POS system. The attackers implemented POS scraping technology to capture payment card information after effectively breaching the POS networks.
The ransomware inserted into the POS networks seems to have specifically targeted the magnetic stripe cards, according to Visa. Thus, the payment cards used in the non-chip fuel pumps in the POS networks were at risk as hackers exploited the lack of security of the cards.
Cybercrimes, though, did not seem to concern the more stable fuel pump chip-and-pin tickets.
Visa announced earlier this year that by October 2020, gas dispenser retailers will have to install chip-and-pin readers. Any responsibility for card fraud found would be passed to the service stations after that.