The PCI Council warns organizations about the risks associated with the Backoff point-of-sale malware. The alert follows an advisory from the Department of Homeland Security, which estimated that more than 1,000 US businesses have had their systems infected by Backoff, a new point-of-sale malware that has been linked to numerous remote-access attacks.

To mitigate the malware threat, the PCI Council recommends that organizations:

• Contact anti-virus providers and ensure the organization has a version of the software that detects Backoff and other similar malware;

• Run the anti-virus solution immediately;

• Review system logs for any unusual or unexplained activity, especially large data files being sent to unknown locations;

• Update all default and staff passwords on systems and applications.

The PCI Council also recommends the use of point-to-point encryption, among other steps, to guard against malware threats.