What is Credit Card Skimming and How Does it Work?

  • By David Lukic
  • Nov 09, 2020

You may or may not know what credit card skimming is and how it works, but you should. Credit card skimming is when thieves install skimming devices on ATMs or gas pumps that grab your credit or debit card information as you swipe. More than $1 billion is lost to credit card skimmers each year.

credit card skimming

How Does Card Skimming Work?

Card skimming devices can be very sophisticated, so you don’t even notice, but they can grab your full debit/credit card number along with PINs and take over your bank account before you know what hit you. First, thieves install card skimmer over the real ones that harvest and save your information. Then they use cameras, or 3-D printed keyboards (overlaying the real keyboard) to record your PINs, and that’s all they need to start spending.

Most U.S. credit card skimming devices target the magnetic strip on the back of the card. Even cards with a chip also have the magnetic strip as a backup. In Europe, however, they have made the full transition, but criminals have kept up and focused on EMV cards and chips. Thankfully, most American criminals haven’t stepped up their technology game just yet. However, another version of card skimmers is called shimmers, and they can steal credit card data from chip readers. These are far less common than traditional skimmers, though.

In some cases, malware or other software is installed onto the card reader or gas pump. Malware on card readers is how the Target and Home Depot data breaches occurred, capturing millions of users’ credit cards.

How to Avoid Credit Card Skimmer

When approaching an ATM before using it, look for loose parts or signs of tampering. Pay close attention to the card reader area. Does it look too big, out-of-place or discolored? Is the keyboard too thick? Look for tiny cameras or anything that seems odd near the ATM. If anything seems out of place or doesn’t match, don’t use the machine. Report it to the bank and walk away.

When entering your PIN either at the gas pump or an ATM, assume someone is watching even if you don’t see anyone around. Always cover your hand when entering your code.

Be extra cautious of using ATMs that are in isolated areas that might be perfect spots for the criminals to set up shop. They are less likely to be able to install skimming device on ATMs and gas pumps in highly trafficked areas. Non-bank ATMs are the most vulnerable to card skimmers. Stay away from ATMs at grocery or convenience stores that are way back in a corner.

At the gas pump, make sure the dispenser door hasn’t been opened. Bandits need to insert the reader inside there. If it won’t close properly or looks like it has been opened, use another pump. Always wiggle the card reader, if it jiggles and isn’t secure, it may have been fooled with. Pay inside just to be safe.

Android introduced an app that turns your phone into a Skimmer Scanner. It tests using a Bluetooth connection before you insert your card to ensure there is not a skimmer within range.

Some more sophisticated skimming gadgets allow the bad guys to sit in their car (up to 100 feet away) and hack your credit card number from there. This crime is called bluesnarfing because it uses Bluetooth technology.

Statistics show that credit card skimming occurs more often on the weekends, and criminals install the devices on Saturday and Sunday and then remove them full of credit card data on Monday. If possible, avoid using ATMs and gas pump payment stations on the weekends

If possible, try never to use your magnetic strip and always insert the card into the chip slot instead. Even better, if the merchant allows NSC transactions use Apple Pay, Samsung Pay, or Android Pay instead. These are much more secure payment methods that use virtual credit card numbers that cannot be reused.

credit card skimmer

What to Do if You Are Victim of Credit Card Skimming

If you used your credit card at an ATM or gas pump, and suddenly you notice fraudulent charges on your account, you may have been a victim of credit card skimming. Take the following steps as soon as possible.

  • Cancel the credit or debit card and report the fraud to your bank.
  • Contact the location you used (gas pump or bank where the ATM is located).
  • Review your monthly statement carefully watching for any unauthorized charges.
  • Sign up for credit fraud monitoring with a company like IDStrong.com
  • Consider a credit freeze so no one can open up accounts in your name. 
  • Watch your inbox for any phishing or scam emails
  • Sign up for cards that mask your actual credit card number like Apple Card, or another phone-based payment method.

It is getting more difficult to spot credit card skimmers, so always be on the lookout for anything that looks suspicious and use common sense when snagging money from an unfamiliar ATM or using a gas pump.

About the Author
IDStrong Logo

Related Articles

What is Mail Theft and How to Prevent It in 3 Simple Steps

One of the many ways that identity thieves get their hands on your personal information is through ... Read More

Credit Card Fraud: What Is It and How To Protect Yourself Against It

Credit card fraud is a fact of life, and most Americans have experienced it or know someone who ha ... Read More

Lost or Stolen Phone? Don’t Panic, Follow These Steps

Most of us are tethered to our smartphones like a lifeline. In these tiny little computers, we car ... Read More

Stolen or Lost Wallet: What to Do?

Anyone who has ever lost their wallet or purse, or had it stolen, knows that instant spark of pani ... Read More

7 Most Common Types of Identity Theft That Can Happen to You

Identity theft is a major concern for many Americans these days with data breaches, ransomware att ... Read More

Latest Articles

Pennsylvania Maternal & Family Health Services Announces Ransomware Attack

Pennsylvania Maternal & Family Health Services Announces Ransomware Attack

Anyone paying even little attention to cybersecurity knows that medical practices and services are some of the most targeted institutions in the world.

Weekly Cybersecurity Recap January 27

Weekly Cybersecurity Recap January 27

This week, our lineup is pretty hard-hitting. Some of the biggest names in, well, everything, have been hacked, with a combined victim total of well into the millions.

MailChimp Announces Data Breach Affecting Tiny Number of Customers – With Big Ripples

MailChimp Announces Data Breach Affecting Tiny Number of Customers – With Big Ripples

MailChimp has been hacked repeatedly over the years; there is very little surprise in the breach, though one thing should be considered.

Featured Articles

How to Buy a House with Bad Credit

How to Buy a House with Bad Credit

Buying your own home is the American Dream, but it might seem out of reach to those with bad credit. However, the good news is, if your credit is less than perfect, you do still have options and in most cases, can still buy a home.

How Secure Is Your Password? Tips to Improve Your Password Security

How Secure Is Your Password? Tips to Improve Your Password Security

Any good IT article on computers and network security will address the importance of strong, secure passwords. However, the challenge of good passwords is that most people have a hard time remembering them, so they use simple or obvious ones that pose a security risk.

Top 10 Senior Scams and How to Prevent Them

Top 10 Senior Scams and How to Prevent Them

Senior scams are becoming a major epidemic for two reasons. First, seniors often have a lot of money in the bank from a life of working hard and saving.

Free Identity Threat Scan
Instantly Check if Your Personal Information is Exposed
All fields below are required
Please enter first name
Please enter last name
Please enter a city
Please select a state
Please enter an email address
Close