Malware on Payment Systems—How Can You Protect Yourself?

January 3, 2018, Written By John H. Oldshue

Clothing retailer Forever 21 announced that a previously disclosed data breach was worse than first reported.

Unauthorized parties were able to access the system last year from April 3 through November 18. The malware used searched for data read from the payment card itself, which means the card number, expiration date, and internal verification code were stolen. In some cases, cardholder names were also included.

Forever 21 joins Chipotle, Whole Foods and many others that suffered a breach of their point-of-sale (POS) systems. This begs the question: how are hackers able to install malware on payment systems?

Security experts hired by Forever 21 found the encryption technology that would prevent such a breach was not always installed on some POS devices. While they did not offer an explanation of how this happened, they said they are working with third-party security experts and payment processors to discover what went wrong and fix it.

In addition to these encryption problems, there are a number of other ways thieves can gain access to POS systems, including phishing, using stolen credentials, and taking advantages of vulnerabilities when companies fail to patch their systems.

If your information is compromised in a breach, there are steps you can take to protect yourself. Monitor your credit card statements each month to make sure you recognize all of the charges. If you did not approve a purchase, you can dispute the charge, and your financial institution should reverse it.

It is also a good idea to use a mobile wallet instead of a debit or credit card. Mobile wallets utilize a payment token to process transactions, so your credit card information will not be on the POS system.



The information contained within this article was accurate as of January 3, 2018. For up-to-date
information on any of the terms, cards or offers mentioned above, visit the issuer's website.


About John H. Oldshue

John Oldshue is the creator of LowCards.com. He worked for over 15 years in television and won an Emmy award for his reporting. He covers credit card rate issues for LowCards.com.
View all posts by John H. Oldshue