Credit Cards Blog

Finance Blogs » Credit Cards Blog » Malware attacks cash registers

Malware attacks cash registers

By Janna Herron ·
Monday, October 28, 2013
Posted: 6 pm ET

Skimmers aren't the only way fraudsters are stealing credit card information at cash registers. Now, they're using malware.

This year, several malware programs popped up worldwide that pick up card data at point-of-sale terminals and transmit the information to a so-called command center controlled by the thieves. That means you could be completing a purchase at a store, and all of your card data is being sent not only into the retailer's system but directly to criminals as well.

Trusteer, a cybercrime prevention company founded by IBM, detailed the new malware in a recent blog on its website. One particular malware called Dexter runs on Windows platforms and disguises itself as Internet Explorer. So far, 200 to 300 attacks have been recorded in 40 countries, according to Trusteer.

This remote means of stealing credit card information differs from skimmers, which are devices that are physically placed over the machines where payment cards are swiped. These devices save the card data, but must be removed at some point for fraudsters to retrieve. This scheme usually involves someone on the inside, such as a store clerk or waiter, or is used on public card readers like ATMs or unmanned gas station kiosks.

With the new malware scam, it's unknown how the malware infects the point-of-sale terminals in the first place.

Despite the differences in attacks, you should take the same safety precautions to protect your credit cards. Always scan your recent purchases listed online to make sure they're yours. If you find something that looks suspicious, contact your credit card issuer right away.

It's also a good idea to pull your credit report for free at to make sure the fraud hasn't spread beyond that one account. You're entitled to one free report from Equifax, Experian and TransUnion every 12 months under federal law.

Fortunately, your credit card issuer also is looking out for fraud and often catches it before you do. That's because card companies are on the hook for any losses. If your credit card account information is stolen, your liability is nothing. (If your actual credit card is stolen, your liability maxes out at $50 under federal law.)

So, while malware and skimmers may sound scary, there are protections out there for you.

Has your credit card information ever been stolen? How did you find out?

Follow me on Twitter: @JannaHerron.

Bankrate wants to hear from you and encourages comments. We ask that you stay on topic, respect other people's opinions, and avoid profanity, offensive statements, and illegal content. Please keep in mind that we reserve the right to (but are not obligated to) edit or delete your comments. Please avoid posting private or confidential information, and also keep in mind that anything you post may be disclosed, published, transmitted or reused.

By submitting a post, you agree to be bound by Bankrate's terms of use. Please refer to Bankrate's privacy policy for more information regarding Bankrate's privacy practices.
November 03, 2013 at 12:52 pm

I'm really loving the theme/design of your blog. Do you ever run into any internet browser compatibility issues? A small number of my blog readers have complained about my blog not working correctly in Explorer but looks great in Chrome. Do you have any solutions to help fix this issue?

November 02, 2013 at 10:10 pm

Hi! This is my first comment here so I just
wanted to give a quick shout out and say I truly enjoy
reading your articles. Can you
recommend any other blogs/websites/forums that cover the same
Thanks a lot!

November 02, 2013 at 4:58 pm

It's awesome to pay a visit this site and reading the views of all mates about this article, while I am also zealous of getting knowledge.

November 01, 2013 at 5:09 am

Having read this I thought it was extremely informative. I appreciate you taking the time and effort to put this informative article together. I once again find myself personally spending a lot of time both reading and commenting. But so what, it was still worth it!

October 31, 2013 at 7:59 am

For the reason that the admin of this web site is working, no doubt very soon it will be famous, due to its quality contents.

October 29, 2013 at 5:56 pm

When planning and arranging our daughter's nuptials quite a few years ago our credit card information was stolen and over $12,000.00 was charged and paid for by the card company. This was in Houston and carried out by a group of Nigerians who fled the USA when their storage location was raided with no one apprehended. What is really puzzling is that no one knows how the card number and our other information was obtained. So it does occur and we were responsible for but $50.00 since we received no billings and made no inquiries for just over three months.

Linda Menger
October 29, 2013 at 3:40 pm

Please don't ever think this won't happen to you. We went through two years and nine attacks of someone trying to obtain credit with some of our information, in addition to charging things as far away as Germany. It's not just a simple matter to straighten all this out, we were lucky they never actually got through because we had written so many letters to the credit bureaus, the companies and to our local police departments. I also had to write to the Federal Trade Commission. Many months of correspondence back and forth and only now have we been free of attacks for almost a year. The downside to all this you never feel safe again.

Donald Bailey
October 29, 2013 at 3:33 pm

I discovered my Wells Fargo Credit Card info was stolen when I received my monthly statement which showed a $600 + purchase I did not make.

October 29, 2013 at 11:45 am

Heya i am for the first time here. I came across this board and I find It truly helpful & it helped me out a lot. I am hoping to provide one thing back and help others such as you helped me.

October 29, 2013 at 9:13 am

of course like your web site but you have to test the spelling on several of your posts. A number of them are rife with spelling problems and I find it very troublesome to inform the truth nevertheless I will certainly come again again.