By allowing ads to appear on this site, you support the local businesses who, in turn, support great journalism.
The new scam online shoppers need to know about
39a483b3d846d05ed208369b06f80d661e0b183bf1daeaaef9c36e080d244a15
iSight Partners disclosed research Tuesday about malware that could steal credit card and debit card numbers from retailers, according to The Washington Post. - photo by Payton Davis
If new cybersecurity research indicates anything, getting shoved to retailers' floors in pursuit of the hottest Christmas gifts isn't the only peril shoppers might face.

That's because malware called ModPOS is aimed at stealing credit card and debit card numbers just before one of the biggest shopping weekends of the year, Andrea Peterson wrote for The Washington Post. Cybersecurity firm iSight Partners disclosed research about the scam Tuesday, saying its investigation in regards to the malware found infections at "national retailers."

The Post indicated similar breaches hit Target during the 2013 holiday season.

However, Maria Noboa, a senior threat analyst at iSight, told Robert Hackett of Fortune that scare was child's play compared to ModPOS.

"This is by far the most sophisticated point of sale malware we've seen to date," Noboa told the Post. "They have such great in-depth understanding of operational security measures, evading detection and the mitigation techniques used."

According to Fortune, some of the malware's facets have been in development since 2012, and a "single professional-level hacking group" is most likely behind the scam.

iSight began working with retailers in October so they could track down and remove the malware from machines before Black Friday. But Wendy Nather, Retail Cyber Intelligence Sharing Center research director, told Fortune she wasn't sure if "anyone has been effective in kicking it off their system."

So should eager shoppers scrap their plans?

Probably not because consumers always face security threats in one way or another, Robert Siciliano, an online safety expert, told ABC News.

"Siciliano said he urges consumers to go about their planned shopping since there's no way to 'proactively prevent this strain of malware or even a crooked clerk' from stealing your information," ABC News' piece indicated.

Instead, Siciliano advised shoppers to be aware their credit card numbers could be compromised and sign up for alerts or notifications banks offer.

Maria Lamagna wrote for MarketWatch consumers could also pass on making purchases with credit cards using cash when possible.

"Many consumers were already planning to do most of their holiday shopping in cash; a recent survey from finance site Bankrate showed that 39 percent of Americans plan to make most of their holiday purchases in cash, followed by debit cards (31 percent), credit cards (22 percent) and checks (3 percent)," according to MarketWatch.

ABC News noted what shoppers can do when making transactions online; in that case, a private Wi-Fi connection always trumps a public hotspot.

Making sure Internet-connected devices are up to date also helps, ABC News reported.
Sign up for our E-Newsletters