Darkreading.com reported that “Almost every retail store in existence has at least one point-of-sale (POS) machine to quickly process credit cards and allow their customers to make transactions. Some of the largest retailers may have hundreds of machines in a single location, or thousands of them deployed worldwide.” The December 14, 2018 article entitled “Retailers: Avoid the Hackable Holidaze” included these comments about attacks to POS devices:

One of the easiest scams is to install skimmers on unguarded machines, which capture credit card data from customers who use them.

Another more advanced form of attack is inserting malware into a POS device, which could compromise an entire organization.

With more people wandering around stores during the holidays, be sure that POS machines are never left unattended or unguarded. Ideally, they should be secured, powered down, or locked when not in use or whenever they aren’t being actively monitored.

Access points such as USB ports should also be disabled or physically sealed because even an employee innocently charging his phone might inadvertently allow malware to slip into the POS system that way.

Better safe than sorry during the Holidays and the entire year!