Summer is for “fishing” — not “phishing!” Some protection tips from AVPS!

“Phishing” is exactly what sounds like — a “fishing” expedition by the bad guys, usually via “legitimate” seeming emails, or other means, to try and “snag” or “catch” as much sensitive information about you, and your customers, as they can.

You should only be doing one kind of “fishing” in the summer, and it’s not the “ph” kind. Here are some AVPS tips on how to stay safe, and avoid getting “phished:”


Suspect emails will often try to appear as if they’re coming from a trusted source like a bank, credit card company, ISP, etc. If the email is asking you to download an “account statement,” or click through a link to “verify account information,” do not. If necessary, you can copy the URL and paste it in another tab, to see if it’s actually real, and not a trojan horse. The “attached files” will often contain software “worms” to burrow through your system.



Do not give out MID numbers, or any other sensitive information, like terminal IDs, etc. Card providers like Visa, et al, already have this info, but “phishers” posing as banks might want it. Beware any sudden, unscheduled “terminal maintenance” with POS devices. Always call AVPS when questions arise about service or info requests on processing devices.



Make sure you have regular reviews with employees about some of the procedures listed here. Also try to limit the “need to know” basis for MID numbers, acquirer’s BIN, etc., to reduce the possibility of inadvertent leaks



It’s shocking how often this easy step is ignored. The infamous “Target Breach” may have its roots in a vendor not updating their anti-malware software. Make sure all protections for malware, viruses, etc, are regularly kept up-to-date, and that all employee terminals connected to the system have them.


Questions? Ask AVP Solutions! That’s what we’re here for!


And remember: This summer, it’s fishin’ — not “phishin’!”


Tags: , ,

No comments yet.

Leave a Reply

You must be logged in to post a comment.