Keylogger sophistication rising as criminals look for new sources of card fraud revenue says Trusteer

Payment card servicing firm Visa has issued an alert to its transaction processing members and their clients - retailers of all sizes - that trojan-driven keylogger incidents are on the rise. According to Trusteer, the rising number of keylogger attacks on retailers' till terminals is due to the fact that many units are Windows-driven and therefore susceptible to the same type of malware infections as office and home PCs.

"Trojan-driven keylogger attacks have been on the rise for home and office PC users for some time, but companies and home users are getting wise to the problem and are installing IT security software on their machines," said Mickey Boodaei, CEO of the browser security and fraud prevention specialist.

"For retailers, however, the problem is more complex, as many of their terminals are subject to leasing and maintenance contracts, meaning that they tend to rely on the supplier/maintainer for their IT security protection," he added.

However, Boodaei advises retailers not to be afraid of checking with their till terminal supplier about issues such as IT security: with significant new penalties from the Information Commissioner's Office (ICO) regarding data leaks and breaches, retailers accepting card payments from their customers need to be aware of their options.

Consumers should also take precautions against keyloggers, the Trusteer CEO went on to say, as criminals are increasingly targeting payment card information on the Internet.

Many malware variants collect card data as customers type it in while making a purchase online, he explained, adding that more sophisticated malware can also change payment pages on Web sites asking for additional card and personal information.

"Our research team have also come across malware variants that steal card information when you log onto your bank account. They frequently change the login page to request your card information and then send this information on to the criminals," he said.

According to Boodaei, the increasing sophistication of cybercriminals looking to rip retailers and their card-carrying customers off is a problem that will not go away because, as existing avenues of card fraud are closed off, cybercriminals will attempt to open new ones up.

"Unfortunately, keyloggers are an ideal vehicle for card fraud, as they allow fraudsters to radiate trojans out via sophisticated bulk emailers and sit back for unwary recipients to click on the links and unwittingly install the keylogging malware on their Windows-driven machines," he said.

"Consumers can do their part by installing a browser add-in such as Trusteer's Rapport software, which is offered as a free download by banks such as HSBC, RBS/NatWest and the Santander Group. Retailers, meanwhile, should contact their till terminal supplier for advice on their own IT security options," he added.

For more on Trusteer:

Trusteer enables online businesses to secure communications with their customers over the Internet and protect personally identifiable information (PII) from a user's keyboard into the company's Web site. Trusteer's flagship product, Rapport, allows online banks, brokerages, healthcare providers, and retailers to protect their customers from identity theft and financial fraud. Unlike conventional approaches to Web security, Rapport protects customers’ PII from malware including Trojans, keyloggers, and pharming and phishing attacks. Trusteer is a privately held corporation led by former executives from Cyota/RSA Security, Imperva, and NetScreen/Juniper. For more information visit

Source: Eskenzi PR