recommended reading

Threatwatch

Thieves suck $400,000 out of Southwest gas pumps

Credential-stealing malware; Payment device infection; Stolen credentials; User accounts compromised

Their hacking tools included a card skimmer and a fake PIN pad overlay designed to capture PINs from customers who paid at the pump with a debit card.

The two men indicted in July for ripping off gas pumps did so by renting a vehicle, checking into a local hotel and placing the devices on gas pumps at Murphy’s filling stations located in the parking lots of Arkansas and Oklahoma Wal-Mart retail stores.

They left the skimmer tools on for between one and two months, then collected the tools and used the stolen data to create counterfeit cards, visiting multiple ATMs throughout the region and withdrawing large amounts of cash.

Some of the card data pilfered in the scheme showed up in fraudulent transactions in Eastern Europe and Russia.

“Don’t get sucker pumped,” writes Brian Krebs. “As the Oklahoma case shows, gas pump skimmers have moved from analog, clunky things to the level of workmanship and attention to detail that is normally only seen in ATM skimmers.”

Pump scammers are turning to bluetooth-enabled devices that connect directly to the pump’s power source. “These skimmers can run indefinitely, and allow thieves to retrieve stolen card data wirelessly while waiting in their car at the pump.”

sector

Energy; Financial Services

reported

July 29, 2013

reported by

Krebs on Security

number affected

Unknown

location of breach

Oklahoma, Arkansas, United States

perpetrators

Criminals

location of perpetrators

Oklahoma, Arkansas, United States

date breach occurred

April 2012 to January 2013

date breach detected

Unknown

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • Modernizing IT for Mission Success

    Surveying Federal and Defense Leaders on Priorities and Challenges at the Tactical Edge

    Download
  • Communicating Innovation in Federal Government

    Federal Government spending on ‘obsolete technology’ continues to increase. Supporting the twin pillars of improved digital service delivery for citizens on the one hand, and the increasingly optimized and flexible working practices for federal employees on the other, are neither easy nor inexpensive tasks. This whitepaper explores how federal agencies can leverage the value of existing agency technology assets while offering IT leaders the ability to implement the kind of employee productivity, citizen service improvements and security demanded by federal oversight.

    Download
  • Effective Ransomware Response

    This whitepaper provides an overview and understanding of ransomware and how to successfully combat it.

    Download
  • Forecasting Cloud's Future

    Conversations with Federal, State, and Local Technology Leaders on Cloud-Driven Digital Transformation

    Download
  • IT Transformation Trends: Flash Storage as a Strategic IT Asset

    MIT Technology Review: Flash Storage As a Strategic IT Asset For the first time in decades, IT leaders now consider all-flash storage as a strategic IT asset. IT has become a new operating model that enables self-service with high performance, density and resiliency. It also offers the self-service agility of the public cloud combined with the security, performance, and cost-effectiveness of a private cloud. Download this MIT Technology Review paper to learn more about how all-flash storage is transforming the data center.

    Download

When you download a report, your information may be shared with the underwriters of that document.