According to Visa, there are numerous points of sale belonging to gas stations that are being attacked by cybercriminals due to security weaknesses that facilitate the theft of financial data. The company underlines that it already has several teams of experts investigating the issue, in particular the links between the Fin8 hacker group and the onslaughts perpetrated against several US fuel suppliers.
Visa explains that, in the identified cases, the group accessed the post network through malicious emails. Access then allowed them to install software that exploited the security hole and allowed data theft to users who used the magnetic stripe to pay.
According to the company, the attack does not appear to have affected users with cards containing a chip. Visa underlines that in the case of magnetic stripe cards, data is transmitted in decrypted form, so the attack was based on a technique that allowed hackers to intercept the same communication.
Visa says users can't do much to avoid being targeted by one of these attacks, apart from paying their bills in cash. At gas stations, the company suggests adopting a policy where only chip cards are accepted.