Self-checkouts are prime targets for skimmer scammers

CONSUMER FORUM

Posted July 11, 2016, at 6:04 a.m.

In the previous column on cloning of credit and debit cards at pay-at-the-pump sites, one piece of advice was key. If one card-reading device does not look like the others, it’s probably wise to avoid it.

“An illegal, fraudulent skimmer (the data-stealing device) is big and bulky and should stand out,” David Leach, principal examiner at Maine’s Bureau of Consumer Credit Protection or BCCP, said. Leach advised consumer to be “situationally aware.” If something doesn’t look or feel right, trust your instincts and keep your card in your wallet.

As in the case of gas pump scams, other businesses that use self-checkout machines are susceptible.

Crooks design a skimmer to look almost exactly like the real machine; a thief can slide on the phony device in seconds and return later to collect the information from the cards of anyone who uses it in the meantime. They usually use the data to buy gift cards or transfer the data to blank cards.

“Skimmer scammers,” as one internet security wonk termed the criminals, have targeted automated teller machines or ATMs for years. ATM skimming grew more than 500 percent from 2014 to 2015 by some estimates.

Just last month, police investigated the discovery of skimmers at bank ATMs in Kennebunk and Wells.

Chris Pinkham, executive director of the Maine Bankers Association, was quoted in one news report as saying it’s “a sign of the times.” Just as none of us is immune to fraud attempts by phone or over the internet, we’re all potential targets of skimmer crooks.

The illegal devices have been found at self-checkout stands at Wal-Mart and Safeway, and no retailer is exempt from skimming attempts. Security experts say the roll-out of chip-embedded cards should slow the rate of skimming offenses; however, many consumers don’t have cards with chips, and many terminals are not yet chip compatible.

Even with chip technology in place, consumers should not be complacent. Thieves won’t give up being thieves because chip-and-PIN or chip-and-signature technologies apply another layer of security; they’ll look for ways to get around any protections that card issuers use.

They’ll also be focusing on the magnetic strips that are still a part of the cards. Those strips still contain sensitive material that thieves want. And the thieves will double down on data stolen earlier. With the spread of chip technology, security experts predict more sales among crooks of data obtained through breaches of retailers’ websites.

Consumers can buy radio frequency ID, or RFID wallets which purport to safeguard card carriers from hacking by passers-by. Some security experts claim aluminum foil works as well. Whatever safety measures you adopt, resolve to be less trusting when a credit or debit card leaves your hand.

Instead of giving that card to a restaurant worker you’ve never seen before — and having that person disappear for several minutes — seriously consider paying cash for your meal.

“Most restaurant owners are pleased to see cash, because it means they don’t have to split their profits [with major credit card companies],” BCCP’s David Leach said.

As always, monitor your financial statements closely — not using public Wi-Fi — and check your credit reports regularly. Before using an ATM, look for signs of tampering: things that don’t line up, mismatched colors or materials and graphics that seem “off.”

See if any parts wobble or rattle; those machines are sturdy, so you should not hear sounds indicating that anything is loose.

When entering a PIN, cover the keypad as best you can. Watch for hidden cameras that may be recording your every move. Be aware.

Consumer Forum is a collaboration of the Bangor Daily News and Northeast CONTACT, Maine’s all-volunteer, nonprofit consumer organization. For assistance with consumer-related issues, including consumer fraud and identity theft, or for information, write Consumer Forum, P.O. Box 486, Brewer, ME 04412, visit https://necontact.wordpress.com or email contacexdir@live.com.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: