Malware on Payment Systems—How Can You Protect Yourself?
Clothing retailer Forever 21 announced that a previously disclosed data breach was worse than first reported.
Unauthorized parties were able to access the system last year from April 3 through November 18. The malware used searched for data read from the payment card itself, which means the card number, expiration date, and internal verification code were stolen. In some cases, cardholder names were also included.
Security experts hired by Forever 21 found the encryption technology that would prevent such a breach was not always installed on some POS devices. While they did not offer an explanation of how this happened, they said they are working with third-party security experts and payment processors to discover what went wrong and fix it.
In addition to these encryption problems, there are a number of other ways thieves can gain access to POS systems, including phishing, using stolen credentials, and taking advantages of vulnerabilities when companies fail to patch their systems.
If your information is compromised in a breach, there are steps you can take to protect yourself. Monitor your credit card statements each month to make sure you recognize all of the charges. If you did not approve a purchase, you can dispute the charge, and your financial institution should reverse it.
It is also a good idea to use a mobile wallet instead of a debit or credit card. Mobile wallets utilize a payment token to process transactions, so your credit card information will not be on the POS system.