It’s a normal day—you’re filling up at the gas station or withdrawing cash from an ATM. But unbeknownst to you, criminals may be capturing your credit card information, leading to unauthorized transactions that can drain your
finances. While technology evolves to make cards safer, scammers adapt to exploit any gaps. Staying informed and vigilant is your best
defense against these ever-changing threats.
What Is a Credit Card Skimmer?
A credit card skimmer is a device used by criminals to steal card information by secretly recording data from the magnetic stripe of a swiped or inserted card. As EMV chip cards become standard, criminals have turned their attention to
places where magnetic stripe transactions still occur, like certain ATMs or gas station terminals. This shift has led to a new threat: shimming
devices, which focus on capturing information from EMV chips.
Modern skimmers have also advanced. Some now use Bluetooth or other wireless technologies to transmit stolen data, reducing the
chances of their detection. These devices can even record your PIN, making them a threat at pay-at-the-pump stations, where the adoption
of chip readers has lagged behind.
What Happens When Your Card Is Skimmed?
When criminals skim your card, they capture its details and use that information to make unauthorized purchases, create cloned cards, or commit identity theft. If a debit card is targeted, scammers could drain your bank account. If they
gain access to additional personal information, such as through data breaches or phishing, they might access other accounts, causing even more significant damage.
Understanding Card Shimmers
Shimmers are smaller and more discreet than traditional skimmers. These devices are inserted directly into the chip card reader slot, making them hard to detect. They work by intercepting and recording information from your card’s chip. While traditional skimmers are often external
attachments, shimmers hide inside the card reader. With the stolen information, scammers can create counterfeit cards or make unauthorized transactions.
Types of Credit Card Skimmers
Criminals use various skimmers to steal card information. Here are the most common types:
- Overlay Skimmers: These devices fit seamlessly over the existing card slot.
- Insert Skimmers: These are hidden inside the card reader’s slot.
- Insert Shimmers: Target the EMV chip cards by fitting into the chip card slot.
- Wiretap Skimmers: Intercept data transmissions within the device.
- Bluetooth Skimmers: Enable wireless transmission of stolen data.
- Miniaturized Skimmers: Concealed within or discreetly attached to the card reader.
How to Protect Yourself Against
Skimming and Shimming
Since skimmers are designed to blend in, it’s
essential to be proactive when using your cards. Here are some tips to protect yourself:
- Avoid Suspicious Pay Terminals: Use card readers in well-lit, high-traffic areas, even though criminals occasionally target large chains.
- Inspect Card Readers: Check for signs of tampering, such as loose parts, jiggly components, or unusual protrusions.
- Cover the Keypad: When entering your PIN, cover the keypad to prevent hidden cameras from capturing it.
- Use Chip-Enabled Cards: They are more
secure than magnetic stripe cards, even though they can still be at risk from shimmers. - Opt for Contactless Payments: Tap-to-pay technology eliminates the risk of skimming and shimming.
- Monitor Account Activity: Regularly review your accounts and report any suspicious transactions.
- Use Digital Wallets: Mobile payment apps provide extra security through tokenization. Stick with trusted services like Apple Wallet or Google Pay.
- Prefer Credit Cards Over Debit Cards: If your card is skimmed, disputing fraudulent charges is often easier with credit cards than recovering funds taken directly from a checking account.
Understanding Chip Credit Cards
Chip-enabled cards are designed to be more
secure than magnetic stripe cards. They contain an encrypted microchip that stores and transmits your card information. Each time you use a chip card, it generates a unique transaction code, which makes it difficult for scammers to duplicate the card.
While chip cards significantly reduce the risk of cloning, they are still vulnerable to card-not-present fraud—where scammers use stolen data for online purchases. However, their introduction has substantially decreased cases of skimming at physical terminals.
What You Should Know About Tap-to-Pay Technology
Tap-to-pay, or contactless payment, uses near-field communication (NFC) to securely transmit payment data from a card or smartphone to a payment terminal. The data is encrypted, making it very difficult for criminals to intercept. While there have been isolated cases of scammers
using NFC readers to attempt skimming, security features like transaction limits and authentication help minimize this risk.
Continuous improvements in encryption and
tokenization have made tap-to-pay a safe and convenient option for transactions. Using contactless payments helps consumers protect their data without sacrificing convenience.
What to Do If You’re a Victim of
Skimming or Shimming
If you suspect that your card information has been skimmed or compromised, take immediate action:
- Contact Your Bank or Card Provider:
Report any unauthorized transactions and
request a freeze or cancellation of your card. They can guide you through the dispute process and issue a replacement. - Monitor Account Activity: Keep a close eye on your statements for any further suspicious activity.
- Freeze Your Credit: This step can prevent identity theft. You can unfreeze your credit when you need to apply for a loan.
- Strengthen Passwords and Use Multi-Factor Authentication: Ensure that all
accounts have unique, strong passwords
and enable extra security layers.
If your personal data has been compromised
beyond your card details, notify relevant authorities and credit bureaus to report potential identity theft and explore options for further protection.
Vigilance Is the Best Defense
Being aware of where you use your credit or debit card is critical, but so is routinely reviewing your financial statements and credit reports.
Sign up for account alerts or notifications to keep track of real-time activity. Staying informed about common scams and keeping an eye out for suspicious transactions can make a huge
difference.
By maintaining this vigilance, you can not only catch potential instances of card skimming but also stay alert for any other forms of fraud that might target you. While technology will continue to improve, so too will the tactics of scammers—staying one step ahead is up to you.
Resource: https://staysafeonline.org/resources/protect-your-credit-cards-from-skimmers-and-shimmers/
Contact Info
We empower a more secure, interconnected world.
We encourage everyone to do their part to prevent digital wrongdoing of any kind.
The National Cybersecurity Alliance is a non-profit organization on a mission to create a more secure, interconnected world.
We advocate for the safe use of all technology and educate everyone on how best to protect ourselves, our families, and our organizations from cybercrime.
We create strong partnerships between governments and corporations to amplify our message and to foster a greater “digital” good.