Visa is warning customers who use a credit card at the gas pump, as the company believes it could now be a means for cybercriminals to steal information. Visa said it has identified three unique attacks that were “likely carried out by sophisticated cybercrime groups.” Two of the schemes targeted North American fuel dispenser merchants, which it said are an increasingly attractive target for hackers. According to a company statement, “The recent compromises of fuel dispenser merchants represents a concerning trend whereby sophisticated threat groups have identified fuel dispenser merchants as an attractive target for obtaining track data.” In one incident, hackers were able to gain access to systems through a phishing email containing a malicious link that was sent to an employee. Through the link, cybercriminals accessed the merchant network and harvested payment card data from there. In the second attack, experts were unable to determine how hackers gained initial access, but magnetic strip data from payment cards appeared to have been targeted specifically. The third attack occurred at a hospitality merchant. Right now, it’s unclear how many accounts are at risk of being affected, but Visa warned in November about the rise of attacks on people who pay at the pump. Merchants that have not yet adopted chip technology on terminals are more likely targets for these types of attacks.
