Visa warns of key logger increase
Credit card company Visa has issued a warning to its clients to beware of the increase of key logging attacks at their payment terminals.
Visa has warned its customers to be aware of the increased risk posed by key-logging trojans.
The credit card company claimed in recent weeks it had seen a rise in this technique, which obtains information from victims through software that captures and records their keystrokes.
The particular malware affecting Visa payment systems sends payment card data to a fixed IP address or email that the hacker can then access and use as he or she sees fit.
"In these instances, the hacker is able to install key logger malware on the point of sale (POS) system due to insecure remote access and poor network configuration," Visa said in a statement.
Visa admitted that key loggers can be difficult to detect but has recommended a list of security measures for retailers using the system to take on board as a precautionary measure.
These include removing unnecessary remote access, implementing a secure network configuration, regularly observing which software is installed and ensuring anti-virus is kept up-to-date.
Although Visa blames poor practice for the success of key logging, another security firm has put this rise down to the increase in Windows-based payment terminals, leaving systems open to the type of malware a home or office PC could get infected with.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
"Trojan-driven keylogger attacks have been on the rise for home and office PC users for some time, but companies and home users are getting wise to the problem and are installing IT security software on their machines," said Mickey Boodaei, chief executive of Trusteer.
"For retailers, however, the problem is more complex, as many of their terminals are subject to leasing and maintenance contracts, meaning that they tend to rely on the supplier/maintained for their IT security protection."
Jennifer Scott is a former freelance journalist and currently political reporter for Sky News. She has a varied writing history, having started her career at Dennis Publishing, working in various roles across its business technology titles, including ITPro. Jennifer has specialised in a number of areas over the years and has produced a wealth of content for ITPro, focusing largely on data storage, networking, cloud computing, and telecommunications.
Most recently Jennifer has turned her skills to the political sphere and broadcast journalism, where she has worked for the BBC as a political reporter, before moving to Sky News.