“Out there in some garage is an entrepreneur who’s forging a bullet with your company’s name on it.”

-Gary Hamel

Cybercriminals Deliver Point-of-Sale Malware to 51 UPS Store Locations



C-IT Recommendation

  1. Create new non-intuitive usernames for POS accounts.  Disable  the default usernames.
  2. Use Strong password for Terminal log in accounts and change them regularly
  3. Keep POS operating systems and POS Software Applications updated with the latest patches:
  4. Install a Firewall
  5. Ensure a solid Antivirus solution is running on the POS terminals
  6. Ensure your company is using a web content filtering solution to prevent user from accessing malicious websites.
  7. Validate the web content filtering solution is up to date with the latest stable version with the latest site signature updates
  8. Disallow Remote Access so that attackers cannot remotely access terminals
  9. Encrypt traffic between terminals, servers and payment card processor

Article Resources

UPS Stores impacted by the breach


US CERT- New Point of Sale Malware


US-CERT Alert Malware Targeting Point of Sale Systems


Protecting PoS Environments Against Multi-Stage Attacks



Leave a Reply

Your email address will not be published. Required fields are marked *