FraudJournal Blog

August 8, 2011

Restaruant Breach Leads to Fraud Article


First, thank you to all who inquired to why my lack of posts; we had a death in the family that required my attention.

THIRD PARTY SECURITY RISKSWhy Compliance is Key for Everyone

Those of you who deal with fraud in the retail and restaurant industry are very familiar with skimmers; for those who don’t, we are talking about the hand-held devices that skim the financial information from your credit cards. These little devices are the bane of fraud fighters around the world. And they are getting smaller and more invasive every day. But the recent problem to hit the fraud newsletters and blogs (see article: Restaurant Breach Leads to Fraud by Tracy Kitten, Managing Editor at Bank Information Security), is the breach at a Texas restaurant from a hacker that gained access to the third-party vendor who processes their credit card transactions.

Restaurants have worked hard to make sure their customers’ credit/debit card information is safely handled, that their employees are following the rules, and all the while attempting to keep up to date on technology. However, the costs to upgrade each time a new software comes out or piece of equipment is available, makes a small business wince. And by nature, restaurants are just plain vulnerable to fraud due to the high level of transactions and tendency for high employee turn-over.

But the recent talk of the town is the breach in Texas; not by skimmer, but a third-party vendor that handles the point-of-sale (POS) system information for the restaurant. The Sheriff’s department are reviewing the details with the Secret Service, but they have come to the conclusion that back in early April and mid-May, the electronic information was intercepted by the hacker who had infected with POS system with a virus to steal payment card transaction data. By July, fraudulent charges began appearing. The most recent restaurants hit in the Walker County, have been “fast-casual diners and pizzerias”.

Mr. Neal O’Farrell, founder of the Identity Theft Council stated that “small businesses are often as much the victim of the breach as their customers are”.  As more and more security breaches become types of cyber attacks, small businesses need to start taking a look at their vendors and asking the hard question of “what are they doing to reduce fraud risk” and “how can we collectively reduce the risk”. Merchants that provide the readers might help by offering better trade-in offsets to reduce costs and promote use of the newer equipment and software available. I can’t remember when it was, but I remember I was shocked to find a business that still had a merchant device that printed out the entire credit card number on my receipt.

As the economy gets tighter and continues to stretch our budgets, fraudsters are going to find the chinks in our armor as we become tired a lacx in our effort to be careful; we need to be diligent about consistently finding ways to reduce the risks of fraud. We have to find new ways to help each other out and not rely on the credit card companies to solve the problem. It’s hard to cheat an honest person, they take the time to notice what is going on around them, and they ask questions. Let’s all take time to think about how we can become better at detecting and deterring fraud so we don’t end up having to defend against it.

 

Advertisements

Create a free website or blog at WordPress.com.