The Same Point-of-Sale Malware File has been Linked to Multiple Data Breaches in North America

Credit-card-and-POS-and-malware image for Visa PwnPOS post

Visa’s Payment Fraud Disruption (PFD) team recently determined that seven point-of-sale breaches reported since March 2018 in North America were linked to the exact same malware file hash, now known as the “PwnPOS” File.

PwnPOS is a point-of-sale (POS) malware file that was first identified back in 2015, but there are indications it may have been active as early as 2013.

From 2016 to 2017, there were only a few reported instances of PwnPOS infections, but that number increased significantly in 2018. Visa’s PFD team discovered that each of the malware files recovered from the 2018 breaches were the same across all instances, which means the PwnPOS malware family is easily identifiable.

How it Works

There are three main attributes of the PwnPOS malware:

1)  A component that adds or removes itself from a list of system services

2)  This component enables the malware to avoid detection and persist on a targeted machine

3)  The malware installs a RAM scraper that monitors for keyboard inputs containing a string of numbers

Once those keyboard inputs are scraped, the malware checks the string of numbers against the Luhn algorithm (a formula used to validate identification numbers) to determine if it is a credit card number. If the numbers pass the check, the malware extracts the compromised data.

Mitigation Measures

To identify the presence of the PwnPOS malware, Payscout recommends scanning your networks for the following indicators of compromise:

Visa PwnPOS Malware Alert - Indicators of Compromise

The indicators above correspond to the RAM scraper component of the PwnPOS malware. The seven cases Visa’s PFD team identified in 2018 had additional PwnPOS file attributes, but the RAM scraper component was consistently present in all instances, making it the most reliable indicator of compromise available.

Best Practices

Visa recommends the following best practices to reduce the risk of exposure:

  • Secure remote access with strong passwords, ensure only the necessary individuals have permission for remote access, and disable remote access when not in use.
  • Enable EMV on all point-of-sale devices.
  • Provide each Admin user with their own user credentials. User accounts should also only be provided with the permissions vital to job responsibilities.
  • Turn on heuristics (behavioral analysis) on anti-malware to search for suspicious behavior, and update anti-malware applications.
  • Monitor network traffic for suspicious connections, and log system and network events.
  • Implement Network Segmentation, where possible, to prevent the spread of malicious software and limit an attacker’s foothold.
  • Maintain a patch management program and update all software and hardware firmware to most current release to limit the attack surface for zero-day vulnerabilities.

Streamline and Secure Your Business’s Payment Processing with Payscout’s Virtual Terminal

Online Shopping on laptop with credit card

From the complexity of healthcare payment processing to the relative simplicity of buying and selling a product, the modern marketplace is far more dynamic than it’s ever been. For the vast majority of human history, most basic transactional commerce involved a customer purchasing a product or service from a vendor. The point of sale (POS) was a static, physical exchange of currency for the product or service, usually at the business of the merchant or vendor. At the risk of stating the obvious, the internet has changed that dynamic for good. Trillions of dollars are now spent online and any reasonable business with a product that can be sold, advertised, or promoted on the internet, does so—or at least should.

Failing to do so risks, if not guarantees, that their business will suffer (or possibly fail). However, this profitable new paradigm is accompanied by perils and vulnerabilities. When an internet vendor doesn’t interact face-to-face with any of their clients, they are put in a position where they have to trust that a consumer is who they say they are and actually has the funds they’re accessing with their credit or debit card. Fortunately, there are solutions for mitigating or eliminating the risk of things such as consumer fraud, insufficient funds, stolen cards, or payment processing that isn’t fully secure. When dealing with digital, remote, and international payment processing, businesses can protect themselves and increase their efficiency (and in turn, profits) by leveraging Payscout’s virtual terminal.

Benefits and Services of the Virtual Terminal

There are two primary ways in which Payscout’s virtual terminal aids any company doing business online: guaranteeing the money that a consumer is spending is actually there, and then ensuring a secure transfer of those funds. Payscout has managed this by deploying the most secure, advanced technology to ensure that the customer has sufficient funds in their merchant bank to cover the price of the purchase on any major credit card. That allows merchants to accept or decline transactions as necessary, and that means fewer chargebacks. Those features are available at both physical POS terminals and online sales.

 Security Features

Every feature of modern commerce requires security. That reality informs every product and service Payscout offers, from accounts receivable collections software to innovations in data tokenization. The security solutions for the Virtual Terminal are based on Payscout’s development of proprietary ecommerce tools and developer APIs to protect all consumer data sent between a business’ website and the merchant service bank. Additional security features include Advanced Fraud protection technology, Visa 3D Secure, MasterCard Secure Code, and PCI compliance. All of that advanced, reliable safeguarding provides the security every business needs to thrive in the internet age.

Optimize your business’s profit potential and growth with the industry’s best payment processing solutions, at www.payscout.com

How to Streamline Your Online Business Payment Processing

How to Streamline Your Online Business Payment Processing

There are so many considerations, concerns, complicated details, and unforeseen hurdles accompanying the running of a business that it can be easy to overlook features that could either help or hinder your business’s success. In this case, that feature is payment processing. A user-friendly, streamlined payment processing infrastructure can prove to be a revenue driver by increasing conversions, while a poorly managed system can turn off and drive away consumers, leaving your business with a lot of missed opportunities and abandoned shopping carts.

 Don’t Exclude Payment Methods or Processing Options

Consumers have become so accustomed to having multiple payment options that any business with a payment processing solution that does not support multiple sources of payment could suffer. To maximize conversions, incorporate both domestic and international payment processing. Credit and debit cards are obviously a must, but some consumers prefer additional payment alternatives. Those include online payment systems, app-centric payment options, direct payment services, account-based payments and merchant accounts, as well as the ability to accept (and possibly offer) coupons and gift cards.

 Allow Guest Checkout

Customers establishing accounts with online businesses are generally a mutually beneficial arrangement. It’s certainly mutually beneficial when the customers are happy and willing to do it. These accounts make it easier for customers to reorder from you and increases the likelihood they will do so, which in turn increases trust and brand loyalty.

Unfortunately, account-averse customers complicate that relationship. It’s not necessarily the result of arbitrary account-antagonism or consumers being too impatient to sign up. Sometimes people are in a rush, and some consumers are just wary of sharing additional personal information on the internet. Instead of having to create an account or forgo the purchase, allow the option to purchase as a guest to ensure you don’t miss out on potential business. Generally, requests for information should be tiered, from the bare minimum required to complete a purchase to the information necessary to establish an account, to whatever additional information would contribute to your sales metrics that customers are willing to provide.

Invest in Security and Let People Know

From the often labyrinthine world of healthcare payment processing to stocking, selling, and shipping T-shirts, customers don’t just want a secure payment processing option—they demand it. Due to the spate of high-profile data hacks, network intrusions of major corporations, and the ubiquity of identity theft issues that remain a threat, consumers are even more leery of ecommerce. To assuage those concerns, invest in tight security and a protected, encrypted secure payment portal. Once it’s been employed, be sure that it’s mentioned where consumers will see it so they can rest assured you’re taking responsible actions to minimize risk.

 A Clear, Intuitive Purchase Process

It’s a bit surprising that providing this information is still necessary, but there are still sites with vague purchase and payment processes. The entirety of the purchase process should include very clear calls to action and additional options. Consumers want to be both aware of the status of a potential purchase throughout the process, while having the option to continue browsing without the risk of backing out of an order or doubling up on one. As such, each button should identify exactly what clicking it is going to accomplish. Which is why vague buttons like “Go Ahead,” “Continue,” “Apply,” “Order” or “Checkout” are worth reconsidering. Those can mean an order overview or the actual purchasing of whatever’s in their cart. Stick with “Add to Cart,” “Go to Checkout,” and “Buy Now” or “Place your Order” for the utmost clarity. And always provide the opportunity to both edit the cart and continue shopping.

 About Payscout

Payscout has consistently been recognized as one of the most innovative, trusted, and dynamic payment processing providers in the industry. By facilitating sound, secure, convenient payment processing solutions across the U.S., Canada, Brazil, and the E.U., Payscout links merchants and their customers with their debit, credit, ATM, mobile, and alternative payment systems. Payscout makes it easy to manage payments, both on-site and for mobile and online platforms. Additionally, Payscout can integrate with over a dozen software payment processing applications, while specializing in accounts receivable collections software, utility payment processing, and non profit payment processing. Payscout can accommodate any payment requirement confidently with safe, secure, speedy, friendly, and convenient service.

Discover everything Payscout’s payment processing solutions can do for you, at www.payscout.com

Business Security Tips for Safer Commerce

female business owner on rooftop with tablet

As the internet hosts financial enterprises from utility payment processing for major cities to the buying and selling of corporations, the hundreds of billions of dollars transferred, earned, and spent online represent a tremendous opportunity. Big opportunities, however, are often accompanied by great risk. Some of that risk is simply the unavoidable and unforeseeable, chaotic, esoteric fluctuations of global markets.

Some of that risk – fraud and theft – is also more malicious but, thankfully, addressable. Anyone doing business online (and offline) faces both of these risks, but addressing their vulnerability to hackers, identity thieves, credit and debit card scammers, etc. requires trustworthy partners and some prudent safeguards. Payscout is the perfect partner for smart and secure payment processing that—along with some best practices below—can make your business safer and more secure.

Restrict the Number of Allowable Transaction Attempts

Significant developments in the security of physical point of sale (POS) and mobile payment processing by companies like Payscout mean that scammers are focusing more on card-not-present scams. This trend has given birth to an online marketplace of stolen payment card numbers that thieves can buy individually or in bulk. Some of those numbers have been rendered useless by reporting or have incomplete information, but scammers will often try a series of card numbers until one works. Restricting the number of allowable transaction attempts can thwart that sort of “brute force” attempt at fraud.

 Keep Track of Suspicious Card Numbers

Retain a log of suspicious card numbers. Most payment card processing companies allow vendors to review attempted transactions, successful or not. Recording and perusing those daily transactions can help identify the sort of attempt described above – if one of the cards went through before the daily transaction limit had been reached.

 Keep Your Digital Fortress in Good Repair

Payscout provides vast, dependable security measures (such as encryption and tokenization services) to protect all financial information in a merchant’s database, fraud-protection and security specialists that handle automated screening and manual review, and a variety of check and card protection and verification services. Payscout also offers services ranging from local non profit payment processing to global payment processing from multinational corporations. But their expertise and resources can only help so much if your firewall, anti-virus, anti-malware, anti-spyware, etc. protection is lapsed, lax, or not present.

 Don’t Mix Business with Personal

There are a number of good reasons for having separate, dedicated hardware, software, and devices for business and personal use. For one, using one device and/or system for your business and personal computing can result in frustrating confusion—particularly if your personal computing includes personal finances. But more importantly, if you have everything in one place and do get hacked, you risk losing everything. Be safe!

Protect your business’s future and secure its continuing growth and success at www.payscout.com.