Cybercriminals Fill Up on Gas Pump Transaction Scams Ahead of Oct. Deadline

2020-01-03 18:22

Gas stations are gearing up for a major change in credit-card fraud liability in October, when they will find themselves on the hook for card-skimming attacks at the pump.

Dobieski however believes that with the shift in liability for attacks on card data looming, gas stations will indeed spend the next 10 months either finally upgrading their fuel pumps to chip-and-PIN, or, finding a workaround, such as implementing tokenization or point-to-point encryption.

"Installing cameras, reducing the total charge amount, or requiring customers to pay inside the gas station are all options which can reduce the likelihood of a fraudster taking advantage of their shop. Like other information security practices, part of the game for defenders is making your infrastructure seem less juicier than everyone else's. If I'm a credit card fraudster, I will skip the gas station with cameras in favor the station down the street with no security."

In the meantime, cybercrooks are going to fill up their tanks with card data, targeting non-compliant machines with gusto, researchers say.

In December for instance, North American gas stations were targeted by coordinated cyberattacks according to Visa, in an effort to scrape payment-card data.

News URL

https://threatpost.com/cybercriminals-fill-up-gas-pump-transactions/151520/

#cybercriminal #scam