Cybercriminals are targeting employees who browse the web or check their email from point-of-sale (PoS) computers. Security researchers from FireEye have come across a spam campaign that used rogue email messages masquerading as job inquiries. These emails had fake resumes in the word format attached. If the documents were opened, a malicious macro script would install a program that downloaded additional malware from a remote server. Among those additional programs, the FireEye researchers identified a new memory-scraping malware that steals payment card data from PoS terminals, named NitlovePOS. Therefore, organisations should educate their employees to follow best security practices, such as only using POS systems for what they are intended for.
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street