What is Credit Card Skimming (and how can you protect yourself from it)?

Credit card skimming is a criminal's attempt to steal the financial information residing on a debit or credit card via a malicious card reader. With so much emphasis on digital security threats, it's important not to overlook these physical threats as well.

Credit and debit cards are a simple and convenient alternate payment technique in lieu of cash. But, with so much of our financial information residing on these cards, they can be a major liability, if they fall into the wrong hands.

Credit card skimmers have been around for years and despite our general awareness, continue to increase their victim count. A skimmer is a malicious card reader designed to steal the financial information held on a credit or debit card from the unsuspecting victim. They generally are installed by a criminal over the top of a real payment terminal where a card would be swiped or inserted, like at an ATM or gas station pump. The criminal may also install a small camera or add a fake PIN pad to record any credentials that may be entered.

person making payment with a chip card

In an effort to increase security across all levels, most credit and debit cards are now required to contain a chip. These chip cards were intended to have a much higher security standard than traditional cards, but criminals have developed tools to steal data from these chip cards as well. This is called shimming, and is like skimming, but for these chip enabled cards. These card readers can be placed in the same locations but are generally harder to spot than skimmers, as they need to be positioned inside the card reader and not placed over the top.

When installed properly, these skimmers and shimmers are difficult to spot, but there are some steps we can take to reduce our risks:

  • Check for tampering on any payment terminal where you may be swiping or inserting your card. This could be a different color or material on the keypad or swiping area. Feel around and wiggle some of these places to see if anything seems loose.
  • When typing in your PIN on the keyboard, cover up your entry with your other hand in case there’s a camera installed.
  • Keep close tabs on your finances. It’s always good to review your bank statements, particularly to look for fraudulent charges. The sooner you catch an issue, the easier it will be to stop and resolve.

Want more cybersecurity tips to help keep your business safe & secure? Sign up for our email newsletter and have new articles & tips delivered straight to your inbox monthly.

Posted in

Tracy Hardin

Tracy Hardin is President and founder of Next Century Technologies in Lexington, KY. She has a bachelor's degree in computer science from the University of Kentucky and has earned certifications from Novell, Cisco and CompTIA. Her specialties in the field of IT are network design and security, project management and improving productivity through technology. She loves helping people by sharing her knowledge of tech.