Provided herein is a computing system for detecting compromised merchants in a payment card network. The computing system includes a processor in communication with a memory, and the processor is configured to: (i) receive historical transaction data associated with historical transactions carried out at merchants, (ii) determine historical values for key merchant variables for each merchant, (iii) store the historical key merchant variable values, (iv) receive current transaction data associated with current transactions carried out at a selected merchant, (v) determine current values for key merchant variables for the selected merchant, (vi) compare the current key merchant variable values with the historical key merchant variable values for the selected merchant, (vii) identify abnormalities between the current key merchant variable values and the historical key merchant variable values for the selected merchant, and (viii) determine that the selected merchant is a compromised merchant based upon the identified abnormalities.