Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 252
  • Last Modified:

credit card fraud Malware Tools

I have a customer running a Rental car company and a large number of customers credit cards have been defrauded. I have the task to identify if any of their pc are compromised. What would be the best tool to scan for this type of trojan or any other way to ensure the pc's are clean. They currently have Trend Micro Titanium installed. I'm running the standard tools like malwarebytes, spybot, JRT, Adwcleaner at the moment. Any other ideas or comments are appreciated. Thanks
0
co_ol
Asked:
co_ol
  • 2
1 Solution
 
rindiCommented:
First of all I'd use an OS that isn't easily attacked by malware, like most Linux distributions. Second, make sure the user accounts used by the users don't have admin rights. Again in most Linux distro's that is the standard setting. Third, teach your users how to use common sense when using the PC, particularly when accessing the internet, not to go to every obscure site, not to blindly open every attachment you get with your mail, encrypt data that is sensitive, etc.
0
 
Schuyler DorseyCommented:
As far as malware, I would add TDSS Killer and the ESET Online Scanner to your list. But these will only go as far as detecting mainstream malware.

If someone has actually compromised the network, that would be harder to detect and I would recommend seeking out a professional if you think this to be the case.

As far as prevention, definitely do as the previous poster mentioned in regards to taking away admin rights. Also ensure to harden the computers. I would also seek out a better AV. Symantec and Kaspersky consistently score higher than Trend Micro. I would also consider a strong perimeter security device such as a next generation firewall from Palo Alto Networks.
0
 
rindiCommented:
No, whatever you do, don't go for any Symantec products, they have the best records of making the worst products possible! They are almost malware already!
0
 
Greg HejlCommented:
https://www.pcisecuritystandards.org/

Check that their payment processing systems adheres to the requirements of PCI DSS documentation.

make sure their firewall is correctly configured.

run Malwarebytes and combofix on windows devices.

review MSConfig for unrecognized startup programs, make sure the merchant is not using the payment processing device for any other use.

All transactons from modern device software transfer data via https protocol - investigate this.

good luck!
0

Featured Post

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now