Solved

credit card fraud Malware Tools

Posted on 2014-07-25
4
230 Views
Last Modified: 2014-08-25
I have a customer running a Rental car company and a large number of customers credit cards have been defrauded. I have the task to identify if any of their pc are compromised. What would be the best tool to scan for this type of trojan or any other way to ensure the pc's are clean. They currently have Trend Micro Titanium installed. I'm running the standard tools like malwarebytes, spybot, JRT, Adwcleaner at the moment. Any other ideas or comments are appreciated. Thanks
0
Comment
Question by:co_ol
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 88

Expert Comment

by:rindi
ID: 40219036
First of all I'd use an OS that isn't easily attacked by malware, like most Linux distributions. Second, make sure the user accounts used by the users don't have admin rights. Again in most Linux distro's that is the standard setting. Third, teach your users how to use common sense when using the PC, particularly when accessing the internet, not to go to every obscure site, not to blindly open every attachment you get with your mail, encrypt data that is sensitive, etc.
0
 
LVL 10

Expert Comment

by:Schuyler Dorsey
ID: 40220212
As far as malware, I would add TDSS Killer and the ESET Online Scanner to your list. But these will only go as far as detecting mainstream malware.

If someone has actually compromised the network, that would be harder to detect and I would recommend seeking out a professional if you think this to be the case.

As far as prevention, definitely do as the previous poster mentioned in regards to taking away admin rights. Also ensure to harden the computers. I would also seek out a better AV. Symantec and Kaspersky consistently score higher than Trend Micro. I would also consider a strong perimeter security device such as a next generation firewall from Palo Alto Networks.
0
 
LVL 88

Expert Comment

by:rindi
ID: 40220270
No, whatever you do, don't go for any Symantec products, they have the best records of making the worst products possible! They are almost malware already!
0
 
LVL 13

Accepted Solution

by:
Greg Hejl earned 500 total points
ID: 40222525
https://www.pcisecuritystandards.org/

Check that their payment processing systems adheres to the requirements of PCI DSS documentation.

make sure their firewall is correctly configured.

run Malwarebytes and combofix on windows devices.

review MSConfig for unrecognized startup programs, make sure the merchant is not using the payment processing device for any other use.

All transactons from modern device software transfer data via https protocol - investigate this.

good luck!
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Website and email setup 4 60
FTP server windows 2008 5 56
Home firewall recommendations 11 86
ow do I browse the internet secretly? 6 47
The next five years are sure to bring developments that are just astonishing, and we will continue to try to find the balance between connectivity and security. Here are five major technological developments from the last five years and some predict…
OnPage: Incident management and secure messaging on your smartphone
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

740 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question