Preventing Cyberattacks in 2018 Part I

Tips from Visa® to help prevent malware infection

The consensus among experts when it comes to the expected prevalence and sophistication of cyberattacks in 2018 is things could get worse before they get better. But for merchants to help combat cyberattacks, the best offense is a strong defense.  

Preventing Cyberattacks in 2018 Part I

Feb 12, 2018

Preventing Cyberattacks in 2018 Part I

Tips from Visa® to help prevent malware infection

The consensus among experts when it comes to the expected prevalence and sophistication of cyberattacks in 2018 is things could get worse before they get better. But for merchants to help combat cyberattacks, the best offense is a strong defense.

To help merchants’ combat fraud and persistent attacks resulting from malware infections, especially in the Card-Not-Present space, Visa has provided guidance and best practices in a recent security bulletin to help merchants maintain security for their online stores.

Visa points out that malware is likened to an online payment data skimmer, allowing card data and personal information to be used illegally or sold. Skimming malware can be hosted remotely, which lives in a separate domain and is loaded by the merchant’s website, or locally, which means the malware has been placed into a merchant’s code directly. The skimming code steals the cardholder data during checkout, and a wiretap funnels live data transparently to the cybercriminal’s control domain. To help ensure that breaches to e-commerce sites don’t occur, merchants should:

  • Comply consistently with industry security standards such as the Payment Card Industry Data Security Standard (PCI DSS).
  • Set up a Web Application Firewall (WAF) to block suspicious and malicious requests from reaching their website. Limit access to the administrative portal and accounts to only to those who need them, requiring strong administrative passwords.
  • Consistently monitor for suspicious activity and ensure staff are trained in security best practices. Regularly scan and test online sites for vulnerability or malware by hiring a trusted professional or service provider with security experience in the e-commerce environment.
  • Consider using a fully-hosted checkout solution that operates separate from a merchant’s site, or use hosted checkout forms embedded online on a merchant’s checkout page.
  • Use a validated third-party service provider to store, process or transmit cardholder data. A list of validated, registered service providers are available on the Global Registry of Service Providers.
  • If a merchant suspects they’ve been compromised, the acquiring bank should be contacted immediately for next steps.

To find out more information on how to help prevent cyberattacks on your business, check back at tsys.com or visit Visa e-Commerce Malware Webinar

Contact Us
About Our
Merchant Services

For Merchant Sales:
+1.888.845.9457


For Merchant Support:
+1.800.654.9256
or customersupport@tsys.com


Get your Free Quote, Now!

After you have submitted your information, a TSYS representative will contact you.

All fields are required to submit form. Your information is private and secure. We do not accept adult businesses

Customer Support Form