New McAfee report shows growing threat of cybercrime in retail

Stealing customer information and selling credit card numbers online is becoming increasingly — and unnervingly — easy.

A new report out on Monday from McAfee Labs, the research arm of the company that makes cyber security software, reveals the proliferation of malware that steals consumers’ personal data, and how easy it is for thieves to get their hands on it. This booming sector of the cybercrime industry led to an unprecedented number of records stolen at the end of last year at point-of-sale systems — or the point when consumers pay for goods at a store — such as in the case of the Target security breach last year.

What is disturbing, according to the report, is that thieves can easily buy this malware in “off-the-shelf” purchases and use it to attack consumers  target their attacks to steal whatever information they want from consumers. There’s more malware out there than ever before, and it’s never been easier to buy it and use it to steal credit card information.

The report, which is based on cybercrime data from the fourth quarter of 2013,  offers some explanation for the large-scale and invasive data breaches at the end of last year, including one that hit up to 110 million Target customers during the peak of holiday shopping. Neiman Marcus was also hit with a data breach that likely involved more than 1.1 million debit and credit cards, and Sears last month began investigating a possible security breach with Secret Service, although it has not yet found evidence of an attack.

“The fourth quarter of 2013 will be remembered as the period when cybercrime became ‘real’ for more people than ever before,” Vincent Weafer, senior vice president for McAfee Labs, said in a news statement.

The McAfee report shows the growing ease of such attacks like the one Target experienced, and the immense vulnerability customers face because of the “ready and efficient black market for selling stolen the credit card information.”

“Raw materials, manufacturing, marketplace, transaction support—it’s all there for thieves to use,” the report says.

Among the report’s findings:

  • Unique samples of mobile malware grew 197 percent from the end of 2012 to the end of 2013
  • In 2013, McAfee Labs found 200 new malware samples every minute, or more than three new threats every second.
  • Thieves are offering for sale some of the 40 million credit card numbers reported stolen in the fourth quarter of 2013  in batches of 1 million to 4 million

Image from Bloomberg

Heather Somerville Heather Somerville (215 Posts)

Heather Somerville is a business reporter covering venture capital and startups for the Bay Area News Group.