Credit card giant Visa is warning its cardholders that cyber criminals are targeting gas pumps in order to steal personal credit card data.
Visa said in an announcement this week that its fraud disruption teams are investigating several incidents in which a hacking group known as Fin8 gained access to fuel dispenser merchants. The company said the attackers installed point-of-sale scraping malware in old-fashioned card devices that read magnetic strips, not chips.
These older systems have become prime targets because they lack the security protocols found in chip readers and newer devices.
“It is likely these merchants are an increasingly attractive target for cybercrime groups,” Visa said.
In one instance, attackers gained access via a phishing email sent to an employee, who then clicked on a malicious link contained in the email. Once the link was clicked, the attackers were able to gain access to the merchant’s corporate network and then migrate to the point of sale, or gas pump.
Fin8, which carried out the attacks, is believed to be behind a number of cyber offensives targeting point-of-sale systems in various industries, including the retail and hospitality sectors.
The anonymous group tends to engage in a blitz of cyber attacks only to mysteriously disappear, sometimes for a year or more at a time.
Visa said Fin8’s attacks on gas pumps appear to be more sophisticated than the more common “skimming,” which is when criminals attach physical devices to gas pumps to obtain credit card numbers and other personal data.
Visa is advising fuel stations that rely on magnetic strip readers to switch over to chip readers. “Fuel dispenser merchants should take note of this activity and deploy devices that support chip wherever possible, as this will significantly lower the likelihood of these attacks,” the company said in its announcement.
Visa has given fuel stations until October 2020 to switch over to chip readers, or else be held liable for fraud losses.