Keyloggers are devices that plug in between a keyboard and computer, and they have perfectly legitimate uses. For example, let’s say that you suspect one of your employees is writing “Sherlock” fan fiction instead of doing data entry: you can see what they’re actually typing and find out. The keyloggers found at a Nordstrom store in Florida were put to a use that isn’t legitimate at all: stealing credit card numbers.
Krebs on Security brought this scam to the world’s attention. We’ve showed you skimmers found on ATMs and gas pumps, but how can you get cashiers to hand over customers’ credit cards without their even knowing it? It’s horrifyingly simple: cash registers are just computers, after all, and some systems are pretty old. Police say that the crooks distracted employees and took photos of the back of the register so they would know what components to match, and then did the same to install the keylogger.
Wireless loggers exist. A baddie could just intercept all data, including credit card numbers, from the terminal until someone noticed the device. These were not wireless, but Nordstrom and the police aren’t saying whether the men ever came back to get it, or whether they have been identified or arrested. (Security cameras did spot them.)
This is a skimmer you can’t protect yourself against. the best way to deal with it, if the crooks had managed to get any card numbers, would be to keep an eye on your statements. That’s really all.
Nordstrom Finds Cash Register Skimmers [Krebs on Security]