Who is more likely to be in a risk group?

Latest reports state that the most vulnerable sector in the retailing business subject to fraudsters' attacks  is represented by small retailers. Credit card sharks usually violate point of sale terminal systems of this sale group.

A widespread idea that online credit card transactions are less safe than those at a physical store is found erroneous. Rather, traditional small merchants, such as storefronts and fast food outlets are in more risk category.

"It's much easier to hack a brick-and-mortar company than an ecommerce retailer because the large ecommerce companies typically are more sophisticated and have better tools and more software in place," says Robert J. McCullen, chairman and CEO of Trustwave, a Payment Card Industry Data Security Standard (PCI DSS) assessor.

There is a lack of good protection tools at the outlets of small merchants. Usually they don't have any firewall, anti-virus or other software to protect their data from intrusion. Small merchants didn't even think to acquire the protective systems of the kind.

Over 50 percent of security leaks surveyed by Trustwave falls on the food service industry. Businesses of this group, as well as smaller retail outlets, will have to meet new PCI DSS mandates that go into effect in October 2008.