According to a new report from The Inquirer, criminals are capitalizing on hotel point of sale (PoS) applications to "siphon off travellers' credit card details." This form of theft is achieved by "using a remote access Trojan program to infect hotel front desk computers. The malware includes spyware components that steal credit card and other customer information by capturing screenshots from the PoS application. The malware is capable of stealing credit card numbers and expiration dates, but not CVV2 numbers in the sample Trusteer inspected."
Trusteer, the world's leading provider of secure web access services, detected these schemes and says hotel poaching is a virile trade in underground and tech forums. Attack codes can be purchased in Visa underground forums for $280 and the spyware cannot be detected by anti-virus software. The package even includes a manual loaded with tips on how the poacher can trick the desk clerk into loading the spyware for them.
Amit Klein, Trusteer's CTO, warns that:
"Criminals are increasingly expanding the focus of their attacks from online banking targets to enterprises."
"One of the reasons for this shift is that enterprise devices can yield high value digital assets when compromised. In addition, the prevalence of bring your own device (BYOD) usage by employees makes it easier to infect unmanaged smartphones, tablets and laptops that are used to access sensitive enterprise systems and applications."
Will these attacks inspire hotel chains to beef up their security and educate their employees about cyberooks?