“Out there in some garage is an entrepreneur who’s forging a bullet with your company’s name on it.”
Cybercriminals Deliver Point-of-Sale Malware to 51 UPS Store Locations
- Create new non-intuitive usernames for POS accounts. Disable the default usernames.
- Use Strong password for Terminal log in accounts and change them regularly
- Keep POS operating systems and POS Software Applications updated with the latest patches:
- Install a Firewall
- Ensure a solid Antivirus solution is running on the POS terminals
- Ensure your company is using a web content filtering solution to prevent user from accessing malicious websites.
- Validate the web content filtering solution is up to date with the latest stable version with the latest site signature updates
- Disallow Remote Access so that attackers cannot remotely access terminals
- Encrypt traffic between terminals, servers and payment card processor
UPS Stores impacted by the breach
US CERT- New Point of Sale Malware
US-CERT Alert Malware Targeting Point of Sale Systems
Protecting PoS Environments Against Multi-Stage Attacks