Scam of the day – August 25, 2014 – “Backoff” malware stealing millions of credit card and debit card data

by | Aug 25, 2014 | Scam of the day, Site Related

In my Scam of the Day for August 1, 2014 I first warned you about the danger of the malware referred to as “Backoff” as described in a warning issued by the Department of Homeland Security on July 31st.  Backoff is the name of a type of malware that is being used by identity thieves and hackers to infect the point of sale card processors and cash registers of retailers to steal credit card and debit card information which the hackers then sell on black market websites to other identity thieves.  This is the same malware that was used in the infamous Target data breach and more recently in the data breaches at Supervalu stores and UPS.  The malware is very hard to detect and has resulted in the the theft of millions of credit and debit cards over the last year from, according to the Secret Service, more than 1,000 companies, most of which, still do not even know that their security has been breached which is why this story keeps being repeated as new stores finally become aware of their data breaches.   The situation has gotten so dire that the Department of Homeland Security issued a new warning to retailers about Backoff and what companies should be doing.  Here is a link to the Department of Homeland Security’s most recent security alert. https://www.us-cert.gov/ncas/current-activity/2014/08/22/Backoff-Point-Sale-Malware-Campaign

TIPS

There is much that corporate America should be doing to help protect the security of its data which includes credit and debit card information on all of us.  However, there is little we, as individuals, can do to advance this process other than to put pressure on companies to provide better security including two-factor authentication and better passwords.  However, what we all should be doing is refraining from using our debit cards for retail transactions because of the limited consumer protection laws that apply when fraudulent debit card purchases are made as well as the serious inconvenience of remedying the problem if your debit card information is stolen.  We also should be carefully monitoring our credit card usage for fraudulent use in order to identify as early as possible any data breaches affecting the security of our credit cards.  The earlier you recognize that your credit card has been compromised, the easier it is to fix the problem.