About Us | Contact Us
View Cart

Avoiding ‘Card Skimming’ at ATMs

By Vigilize | Wednesday, June 15, 2011 - Leave a Comment

High-Tech Credit Card Thieves

Be wary when you use automated teller machines (ATMs) and other payment processing machines. Thieves may be using high-tech tools in scams to capture your account information to steal your money.

These scams, known as “card skimming,” involve attaching devices to money machines that read the information on your debit and credit cards when you swipe them. When combined with a nearby concealed camera to record your personal identification number (PIN), the thieves can get everything they need to drain your account or to make unauthorized purchases. In addition to using the information directly, thieves may sell your information to others.

ATMs and automated payment machines in airports, convenience stores, hotel lobbies, and other well-traveled, public places may be most vulnerable to thieves who may think these machines are not regularly inspected by the machine owners. However, card skimming may take place at any ATM or card processing machine, including those on bank premises. As technology makes these devices smaller and more powerful, the risk of card skimming grows.

How High-Tech Thieves Operate
Thieves have many ways to steal your account information. They may attach a card skimmer that looks and acts like a genuine part of the ATM or other type of money machine. The device may be a simple, curved plastic sheath over the card slot. The skimmer reads the magnetic strip or computer chip on your card and transmits your account information to the thieves or saves the information until the skimmer is retrieved.

Thieves may also use a wireless camera concealed nearby in a box holding brochures or in a light fixture. The camera photographs or videotapes your fingers as they enter your PIN on a keypad or screen. Like a card skimmer, the camera can transmit images instantly or save them until the thieves retrieve the camera later. A camera and card skimmer can be used together.

Safeguarding Your Personal Bank Account Information
To help protect you, banks and retailers take measures to minimize the risk of fraudulent use of your debit or credit card, particularly when those purchases are made by telephone or online.

Before approving telephone purchases, retailers typically confirm your identity by asking for personal information. They may ask for your address, the last four digits of your social security number, or answers to security questions you created when you set up your account. Retailers also may ask for the three-digit security code printed on the front or back of your debit or credit card. To protect your online transaction from electronic fraud, many commercial Web sites require you to unscramble a word or a number displayed as a fuzzy or distorted image that is difficult for software to read.

Protecting Yourself With Common Sense Security Measures
Ultimately, you must protect yourself against thieves and the tools they use to access your accounts to steal from you. To protect yourself, follow these common-sense precautions.

  • Walk away from an ATM if you notice someone watching you or if you sense something wrong with the machine; immediately report your suspicions to the company operating the machine or a nearby law enforcement officer.
  • Before using an ATM, examine nearby objects that might conceal a camera; check the card slot for a plastic sheath before inserting your card.
  • Never keep a written copy of your PIN in your wallet or purse as it could be stolen; instead memorize your PIN and keep a paper record hidden at home.
  • When entering your PIN, stand close to the machine and hold your hand over the keypad or screen to make it more difficult for a person or camera to watch you.
  • Beware of strangers offering to help you with an ATM that appears disabled and notify someone responsible for the security of the machine.
  • Regularly review your account statements, either online or on paper, and check for unauthorized withdrawals and purchases. If you find one, immediately contact your bank or credit card provider, as this will limit your financial liability for fraudulent charges.

Federal laws limit your liability from debit and credit card fraud. Two federal laws, in particular, protect you.

The Truth in Lending Act generally limits your liability to $50 for any unauthorized use of your credit card. However, you are not responsible for unauthorized charges on your account—if you report a lost or stolen credit card before the card is used. Also, you are not responsible if the fraud results from someone using your credit card number alone rather than your credit card.

The Electronic Fund Transfer Act also limits your liability for unauthorized use of your debit or ATM cards—if you quickly report the lost or stolen card. You are not held responsible for unauthorized charges if you report the fraud before unauthorized transactions are made. If unauthorized transactions occur before you report your card missing or compromised, your liability depends on how quickly you report the loss.

Additional Information
The Federal Trade Commission provides more information on what to do if your card is lost or stolen in its fact sheet “Credit, ATM and Debit Cards: What to Do if They’re Lost or Stolen,” at www.ftc.gov/bcp/edu/pubs/consumer/credit/cre04.shtm.

The Office of the Comptroller of the Currency has answers about what to do about unauthorized charges and other banking issues at HelpWithMyBank.gov.


Posted by the Comptroller of the Currency: OCC News Release


same_strip_012513

Latest News
    The joint cybersecurity advisory includes the 15 most exploited vulnerabilities reported in 2021… An article review.  While a lot of attention is focused on previously undisclosed or “zero day” attacks, some of the most likely attack vectors are vulnerabilities that have been widely known for weeks or even months.  That’s according to a new joint […]
    Threats are changing, EDR can help us adapt . . . Today’s advanced persistent threat (APT) understands that the IT landscape has changed. In the post-COVID age, more and more organizations have adopted some form of work from home.  While WFH offers many conveniences, it also imparts increased risks. BitSight conducted a 2021 study of […]
    The Five Precepts of IT Vendor Management Webinar-Movie We’re going back to basics on Vendor Management. This webinar will give you a training tool to help out that new person that is starting to take on the gargantuan task that is Vendor Management.
    A new way of helping people “read” new guidance… Look for more in the future! To save you time, we are proud to present “Adam Reads” . . . recorded versions of our Guidance Summaries! Below you can find an embedded player for the audio file. If you are having issues with that working, you […]
    You think you’ve finally found stability in your to-do list. Your goals are set, and you’re even making great progress on them all. Audit findings: all addressed. Management requests: Under control. Heck, you might even be able to leave the office five minutes early at least once this year. Then BAM! A press release from […]
    Software Bill of Materials (SBOMs) are becoming more and more important. . . We are all very familiar with one aspect of the software supply chain – updates.  New features, bug fixes, and performance upgrades are a regular occurrence to any device’s lifecycle, however what if these kinds of updates also include deliberately malicious code? […]
    Another awareness poster for YOUR customers (and users).  Now that we have our own employees aware, maybe it’s time to start posting content for our customers! Check out posters.infotex.com for the whole collection! Download the large versions here: Awareness Poster (Portrait) Awareness Poster (Landscape)   You are welcome to print out and distribute this around […]
    According to a new survey, more organizations than ever are reporting problems with cybersecurity staffing… An article review. While pandemic related mandates and restrictions are gradually being lifted across the country, many organizations are still feeling the effects in one important area: staffing.  That’s according to ISACA’s annual State of Cybersecurity survey, which asked over […]
    Understanding Banking Trojans… Another Technical Article by Tanvee Dhir! What are Banking Trojans? A trojan is a malicious program that masquerades as a genuine one. They are often designed to steal sensitive information from users (login passwords, account numbers, financial information, credit card information, etc.). A banking trojan is a malicious computer program designed to […]
    Top Seven Risks . . . that small bank Information Security Officers face in 2022! Once again, we compile this list in preparation for updating our normal board of directors awareness training presentation and movies and such.  This list is meant for community-based banks but could apply to small businesses.  How this works can be illustrated […]