In payment terminals with support for contactless payment, chips are used. The same chips are built into bank cards and mobile devices that support this technology. They allow you to make payments without inserting the card into the terminal. Contactly payments are very convenient and their popularity has increased sharply after the pandemic Covid-19.
The use of NFC chips also made it difficult for attackers to steal information about bank cards special malicious software. One of the popular malware for attack on payment terminals is Prilex. The harmfulness was seen for the first time in the distant 2014 and at first attacked only ATMs, and in 2016 POS-Sale moved, that is, in payment terminals. In September, we mentioned that the researchers again began to notice Prilex attacks after a long break.
January 31 Kaspersky Laboratory
Also in the latest versions of harmful software, a new function has appeared – the ability to filter unwanted cards. For example, the condition: card: credit, not debit; Transaction limit: increased, etc. That is, these cards that are not suitable for conditions will not be transmitted to attackers. So they will not “elapse” into the limits and will be able to immediately “disrupt the jackpot.”
In order to protect yourself from this and other manipulations of scammers, you should observe standard security measures:
- refuse to pay on terminals with visible signs of hacking or with non -working contactless payment. In such a place it is better to pay for the purchase of cash.
- Always verify the sum of the final transactions with those indicated on the terminal display. And in case of inconsistency of amounts or the appearance of unnecessary transactions, to immediately report this in support of the bank.
- refuse to use the public Wi-Fi at the entrance to the banking applications. Either mobile Internet, or VPN, if there is no other option.
- Do not introduce a PIN code in sight of outsiders. Do not tell anyone CVV code and codes from SMS.