Payment Card
Payment card compromise is an attack where threat actors compromise systems that collect, process, or facilitate the processing of credit card or payment information. Often targeting e-commerce websites, threat actors inject malicious code to capture payment card information.
Look for Early Indicators.
-
Unauthorized transactions - Unexplained, small transactions on statements can be a sign of compromise.
-
Unusual payment card activity - Changes in activity patterns or unusual transactions can indicate a payment card compromise.
-
Alerts from payment card networks - Suspicious or unusual activity alerts from payment card networks should be investigated promptly.
-
Point-of-sale system issues - System errors, slow processing times, or unusual error messages.
Physical retail store locations, ATM’s and other card reader systems are not immune to these attacks as financially motivated threat actors deploy malware into environments where credit card data is collected, processed, or transmitted. In some cases, they deploy physical devices designed to slip on top of the credit card reader or inside the reader device to intercept the credit card data while shoppers believe they are just paying for their goods. Payment card compromise is particularly damaging to small and medium sized businesses relying on credit card transactions.
Payment card compromise can have a severe impact on small and medium sized businesses and their customers, including financial losses, reputational damage, and increasing the risk of identity theft.