Unwanted Guests at Trump Hotels: Malware and Credit Card Fraud

By on Apr 07, 2016

Hotels go to great lengths to be your home away from home. Therefore, the last thing they, and you, want to occur is theft. For hotels, physical theft is fairly easy to defend against. Digital theft, as customers of Trump Hotels may be finding out, is a different story.

The Trump Hotel Collection has likely suffered a breach exposing guest credit card data, according to cybersecurity journalist Brain Krebs of KrebsOnSecurity. Krebs first reported the computer system crash and potential breach — the hotel chain’s second in six months — on Monday. The FBI and Secret Service are currently investigating the incident, and haven’t given an official statement. What we do know is that those who’ve stayed at a Trump hotel in the past two to three months are likely affected by this leak.

The Trump Hotel Collection isn’t alone when it comes to breaches. In fact, the hospitality industry is a popular, lucrative, and easy target for cybercriminals. That’s because the hotel industry caters to traveling executives and employees, as well as regular vacationers. These guests bring with them lot of cards — each of them with a lot of credit.

We still don’t know exactly how the hackers got card information in this case, hence the ongoing investigation. But, if similar, past incidents are anything to go off of, it’s likely that cybercriminals developed malware (malicious programs designed to covertly detect and extract sensitive data) targeting the collection’s point-of-sale systems. These types of attacks are difficult to detect and defend against. In fact, various other hotel chains have all seen their systems attacked in this manner at some point in time.

So what can you do to keep yourself safe? There are a few steps you can take:

  • Check and monitor your accounts. Keep an eye out for suspicious activity in your bank account history. This is the only way to react quickly to potential fraud, and know if you’ve been hacked. If you aren’t meticulous about your activity, a criminal could use your account for quite some time before you realize.

In the event that your financial information is in fact compromised, take these two steps:

  • Change your PINs and passwords. After you learn of a compromise, you should immediately change your Personal Identification Number (PIN) and applicable account passwords. It’s the easiest way to restore a basic level of security and lock working cybercriminals out of your account.
  • Contact your bank or financial institution. Banks are really, really good at detecting fraudulent charges—often before you’ve even noticed something is wrong. If your credit or debit card is involved in a data breach, notify your financial institution immediately. They’ll likely issue you a new card, but they can also institute advanced fraud detection, notify you of suspicious activity and add extra authentication steps for transactions.

 

gary

 

About the Author

Gary Davis

Gary Davis was previously McAfee's Consumer Security Evangelist providing security education and advice to businesses and consumers. He is a sought-after speaker on trends in digital security, appearing at conferences and events, as well as security and consumer lifestyle broadcast outlets and publications such as ABC, NBC, FOX, the Wall Street Journal, USA Today, Money ...

Read more posts from Gary Davis

Leave a Reply

Your email address will not be published. Required fields are marked *

Subscribe to McAfee Securing Tomorrow Blogs