Hotel payment systems is many cases are not built to withstand attacks from outside forces, in fact according to a recent report many hotel computers are not even equipped with the most basic of virus protections, it’s for that reason that hackers recently have begun to target hotel payment systems with a trojan program meant to exploit those system.
Security firm Trusteer revealed this week that the trojan is able to steal a customers credit card information by breaking into a hotel computer and then taking screenshots from point-of-sale applications as credit card and other personal information is being uploaded to each guests account. Credit card information, expiration dates, the customers address, all of that information is captures and then used to steal a hotel visitors personal identity.
The hotel trojan has apparently become so popular that its creators have started selling the program for $280 on underground forums and with the sale users who may not be all that computer hack savvy are given directions on how to use VoIP-based social engineering to trick a hotels front-desk staff into installing the trojan on front desk computers.
In the meantime the trojan appears to become active only when a customers card information is entered into the system, users worried about their identity could instead book their stay through a secondary provider such as Experian, Orbitz and others. Hotel booking systems that take your money upfront are most recommended since they then provide the hotel with a payment card instead of using your own identification.