Visa has issued a new security alert warning that fraudsters are targeting gas stations across North America to steal payment card information,media reported. While gas station pumps have traditionally been a popular target for fraudsters to obtain credit card information, the attack was different because cardholders were barely able to protect themselves this time because attackers were installing malware on their point-of-sale systems at those stations.
It is understood that most of the financial attacks at petrol stations involve card readers installed directly on fuel pumps. When payment card information is entered into the card reader, the devices masquerade as part of the payment machine and then start collecting payment card information.
According to Visa, the latest threats are much more complex and difficult to detect. It involves malware installed on the gas station network rather than devices on gas station pumps. Consumers don’t know if they’ll use their payment cards at a gas station that uses a network of vulnerabilities, which means they are vulnerable to scammers.
Visa noted that their Payment Fraud Interference (PFD) team discovered three cyberattacks on pos systems at gas stations last summer. In two of the three cases, it is believed that it may be linked to a complex cybercrime group called FIN8. Another used phishing emails to get gas station workers to download remote access trojans on the company’s network. The Trojan gives the attacker access to the network. Payment card information is removed from the system’s RAM.
At the moment, according to Visa, the attacks are limited to Gas Stations in North America, but no specific oil company has been targeted.