Technology called endpoint anomaly detection might have found the malware sooner. Such technology establishes a baseline of normal activity and then alerts if there is a deviation.
A protective technology recommended for POS systems is white-listing software that blocks any unknown code from executing.
"Whitelisting works really well in environments where the software that should be running is very restrictive, such as a point-of-sale terminals," Wysopal said.
Businesses like the UPS Store should enforce a standard security policy across franchises, Ehsan Foroughi, director of research for Security Compass, said.
Requirements could include an approved POS system, regular installation of updates and patches, regular password changes, controls for limiting employee and vendor access and regular security training for franchise owners, managers and POS workers.
"A lot of these breaches are because of people who just don't know the risks," Foroughi said.
Sign up for CIO Asia eNewsletters.