Earlier this week, the Israeli 'Channel 12 News' reported about a scam that's taking place at physical #PointOfSale in which the scammer utilizes the inexperince of the cashier / the fact that they were not trained correctly and are not familiar with the Manual Auth Code feature which is available at some ECRs / Payment Terminals worldwide
The Manual Auth Code feature is there for cases like terminal lost its internet connection and some other specific use cases.. However sophisticated attackers found a way to take advantage of this one, with a combination of the human factor
Shop Owners - Please (!) train your employees and make sure they understand how to use the (too many) features you have at your ECR / Till / POS / Terminal Generally speaking - if you don't need a certain functionality or feature, ask your service provider to turn it off or protect its availability under a manager's user roles
An illustration of how this scam takes place, is available here below in the infographic Feel free to reach out if you have any questions, thoughts or comments :-)
Comments