If you’ve ever lost your wallet, you know it’s an experience you never want to repeat – not only because you’re out a large sum of money, but also because you may have exposed your personal credit card information. Nowadays, protecting your personal data entails much more than just keeping an eye on your wallet. Crooks have a variety of methods for collecting credit card information right from under your nose – even if you never take your card out of your sight. Fuel pumps, in particular, are frequent targets for fraudsters. Thieves have discovered a technique to steal credit card information directly from gas pump consumers using a device known as a credit card skimmer, all without their knowledge. Here we’ll look at what a wireless credit card skimmer looks like at a gas pump and how to avoid it.
Every day, 37 million Americans fill up their gas tanks, with the vast majority – 29 million — paying with credit or debit.
What Is a Credit Card Skimmer?
Card skimmers are small electrical devices that criminals place discreetly at payment terminals. When a person swipes their card to make a payment, these gadgets steal the information from the magnetic stripe of the card. The stolen data is then used by crooks to conduct fraudulent purchases or build counterfeit cards.
How Does a Credit Card Skimmer Work?
When you insert your credit or debit card into a card reader at an ATM, gas pump, or other points of sale, a credit card skimmer reads the magnetic stripe. The card number, expiration date, and cardholder’s name are then saved by the skimmer. These stripes can even be found on chip-enabled cards.
What Happens If Your Credit Card is Compromised?
According to Tom Kellermann, lead cybersecurity strategist at VMware Carbon Black, hackers use stolen data to make fraudulent charges online or over the phone, sell your data, or generate counterfeit cards.
Skimmed data, according to FraudWatch International, an internet security group that specializes in online fraud and phishing, is typical:
- The information is sent to other nations, where it is reproduced onto counterfeit cards.
- Used to make purchases over the internet or by phone. This is referred to as “card not present” fraud.
- Used to commit identity theft. This happens when a thief uses your stolen personal information to open accounts or take out loans in your name.
If you used a debit card to make a purchase, your personal identification number may have been taken as well, allowing thieves to deplete your bank account. According to David Tente, executive director of the ATM Industry Association for the United States, Canada, and the Americas, fraudsters can accomplish this by placing a counterfeit keypad over the genuine keypad to record the PIN or by inserting a tiny pinhole camera to watch you input the PIN.
What Does a Credit Card Skimmer Look Like?
Credit card skimmers can be difficult to detect since they frequently resemble ordinary card readers. However, being cautious can assist you in identifying these bogus readers out to steal your information.
If the card reader looks different from others in the same spot – for example, a reader that is larger at one gas pump than others at surrounding stations – you may have discovered a credit card skimmer. Readers equipped with card skimmers may not feel as safe. If you can wiggle the reader, it may be equipped with a skimmer.
Aside from ATMs and gas pumps, card skimming devices can be found at ticket kiosks, parking meters, and other locations where a credit or debit card can be swiped. When your card is out of sight, a retail or restaurant employee equipped with a handheld skimmer may collect your card information.
Are Chip Credit Cards Protected Against Credit Card Skimming?
Chip credit cards are safer than magnetic stripe cards because they encrypt payment information, making it more difficult to steal. They can add another layer of security, but they aren’t perfect. This is especially if you have transactions that require the use of a magnetic stripe rather than a chip.
New credit cards issued in the United States are typically chip cards, and they are currently accepted by millions of retail locations. However, they are not utilized for all transactions. Hence, the vulnerable magnetic stripe on the back of your card can be used as a backup.
Chip technology is not always employed in situations where chip readers are used.
Alan Brill, senior managing director of Kroll’s cyber-risk practice, a branch of Duff & Phelps, says he’s observed several cases at businesses where a chip didn’t appear to work, so merchants swiped the card instead. “They shrugged, swiped the (magnetic stripe), and the transaction was completed.”
Read Also: Card Swiping: Is it Illegal?
Responding to the rise of chip-enabled cards, fraudsters are developing new means – specifically, devices are known as “shimmers” – to steal your debit and credit card information.
A shimmer is a small, thin chip that is slipped into a card reader’s slot. A skimmer, on the other hand, is frequently placed above a card reader to make it more visible.
“The sheen is very slight and difficult to detect. It can also take card data from a chip-based card, thereby circumventing the new smart-chip system’s strengthened security “According to David Kennedy, the founder and senior principal security consultant of TrustedSec, an information security consulting firm. According to him, the shimmer records the card data, which is subsequently utilized to create a magnetic stripe card.
Other Methods of Card Skimming
It’s significantly more difficult for a thief to install a card skimmer on a retail store’s point-of-sale (POS) system, but it can happen. Check that the card reader appears as it should. If a restaurant is participating in a scam, it may be impossible to detect because cards are frequently handed to the waiter, who can then swipe the card through a skimmer before returning it to the customer.
Why Does a Wireless Credit Card Skimmer Use Bluetooth?
A shim or wireless credit card skimmer can store data in a variety of ways. They can access on-chip storage by a serial communications interface, a USB key drive, or a Bluetooth adaptor.
The “traditional” method of recovering card data from a wireless credit card skimmer is to remove the device from a gas pump, ATM, or Point-of-Sale device and connect to it via serial port or remove the USB storage device. Physical retrieval is not difficult, but it has an impact on a criminal’s ability to securely scale a card harvesting operation.
If a gadget requires a criminal to physically uninstall it in order to collect their stolen credit card data, they may be caught in the process. Physical recovery is definitely doable, but it adds the risk of detection if a large number of skimmers are used.
Read Also: SHOULDER SURFING: Tips On Preventing Shoulder Surfing
Thieves using these devices are seeking ways to improve the efficiency, scalability, and safety of their operations. This takes us to the topic of Bluetooth radio chipsets. Using Bluetooth saves criminal time, which adds up when they have many card skimmers running.
Given that some thieves are likely to collect data from their card skimmers on a daily basis, it’s simple to see how using Bluetooth would save them time and help them avoid detection. They can sit in a car and remotely grab card info from the wireless credit card skimmer if they employ Bluetooth technology.
Because Bluetooth chips are mass-produced in vast quantities, they are inexpensive to get. They are available on Amazon for less than $10. The cost of creating a custom PCB or board design is low. As a result, attaching a Bluetooth radio to a wireless credit card skimmer device is both inexpensive and simple. According to our research, the majority of credit card skimmers in the United States use Bluetooth Classic rather than the newer Bluetooth Low Energy standard. That may not be the case in Europe.
What Should You Do If Your Credit Card Is Stolen?
While credit card companies deploy fraud detection technologies and may suspend your card at the first sign of fraud, it is impossible for them to capture everything. You may not realize your card has been skimmed until you detect fraudulent charges on your account.
If you suspect card fraud, notify your issuer immediately to reduce your liability and disable card access. Notify the company where you believe the card skimming took place so that a manager can inspect the reader and avoid further theft. Contact your local criminal enforcement agency, your state attorney general’s consumer division, and the Federal Trade Commission. This may not solve your problem, but it may prevent someone else from being skimmed.
How Can You Protect Yourself From a Credit Card Skimmer?
A little vigilance can go a long way toward safeguarding you from credit card skimmers. For example, at a gas station:
- If you’re using a debit card, treat it like a credit card and skip the PIN. If you must use the PIN, hide your hand while inputting the number to avoid being seen by hidden cameras.
- Look for a shattered security seal. Many gas stations are now installing security seals on the cabinet panel. When the panel is opened, the label will read “void,” indicating that tampering has taken place.
- Look for card reader features that are out of the ordinary. The reader at the pump you’re using should be similar to the other readers at the station. You should also be unable to wiggle the reader.
- You can pay inside. This may allow you to avoid using the skimmer entirely.
It’s important to remember that recognizing a skimmer might be tough. This is especially true at gas stations. This is where a skimmer may be hidden inside a pump and cannot be seen with the human eye.
Read also: Counter Credit: Best Easy Guide on Understanding Counting Credit
“Before any transaction, take a minute to pause,” Kellermann advises. Even if you’re in a hurry to get gas or cash from an ATM, it’s important to be cautious.
Other methods for avoiding skimming or recovering rapidly from it include:
- Using chip-enabled cards to make purchases.
- Use cash instead of plastic.
- Using a mobile or online payment providers like Apple Pay, Google Pay, or PayPal.
- Setting up notifications to monitor credit and debit card activities.
- Examine your credit and debit card statements on a regular basis for strange purchases.
- Choosing gas pumps in well-lit areas that are visible to store staff. Scammers frequently install credit card skimmer devices at pumps that are difficult to notice.
- Avoiding ATMs in inconvenient locations.
- When you suspect the existence of a credit card skimmer, go to another ATM or gas pump.
In conclusion
Card skimming is a theft danger to be aware of when shopping, using ATMs or filling up your gas tank. A card skimmer can be identified by performing a rapid visual and physical inspection of a card reader before inserting a credit card. Look for unusual card reader characteristics or faulty security tapes. If credit card information is stolen and used to make fraudulent transactions, the cardholder is protected by the credit card’s zero fraud liability policy. Report any questionable behavior as soon as you notice it. A returned credit is usually transferred to a cardholder’s account, and he or she will soon receive a brand new credit card in the mail.
Credit Skimmer FAQs
How can I detect if skimming is going on?
Skimming is most often discovered by chance. During the financial reporting process, keeping an eye out for lower-than-expected revenue could be a useful tool for spotting skimming. Installing video surveillance in all areas where employees handle cash can function as both a preventive and investigative strategy.
Can a cloned card be used at an ATM?
This cloned card can subsequently be used to make purchases at point-of-sale devices and withdrawals from ATMs (where the customer’s personal identification number [PIN] has also been obtained) (ATM). Skimming refers to the process of copying the magnetic stripe on a credit card.
Can someone scan your credit card in your wallet?
Thieves armed with scanning devices may intercept your card’s RFID signal and take your information as long as they were close to you. Even if your RFID-emitting card was tucked into your wallet, purse, or pocket, thieves may obtain your information.