Increase in Point of Sale Malware Intrusions Possible During Holiday Season


Systems Affected

During the holiday season, PoS malware is a key method for cyber criminals to obtain millions of credit card numbers by only compromising a small number of networks. While criminals often use PoS malware to target small to medium-sized retail establishments, recent high-profile data breaches against major retailers demonstrate they are willing and capable of hacking retailers of all sizes operating with network security vulnerabilities.

Cyber criminals can use PoS malware to steal payment card data by remotely infecting PoS systems without the need to physically access the cards or the devices used to process them. Consequently, cyber criminals can compromise PoS systems on a larger scale, increasing the number of potential victims. The use of PoS malware by cyber criminals to fraudulently obtain stolen credit or debit card information poses a significant threat to retail establishments, financial institutions, and consumers whose data is compromised.

Threat Level



The FBI assesses data breaches caused by point of sale (PoS) malware may increase during the holiday season. Retailers and merchants are encouraged to remain vigilant and to implement best practices in an effort to mitigate these attacks.


The FBI assesses the use of PoS malware by cyber criminals may continue to rise due to the availability of PoS malware in the cyber underground, including new malware or variants of previous malware, and the ongoing process by US retailers to implement or accommodate Europay, Mastercard, and Visa (EMV) Chip cards.


Solution/ Workarounds

  ✻  Update the latest version of the Mozilla's Firefox on Windows, Linux and Mac.



s National Press Office at or (202) 324-3691.


The information provided herein is on "as is" basis, without warranty of any kind.


© Copyright Sri Lanka CERT|CC. All Rights Reserved.