It’s not news that thieves have been able to steal debit card information using “skimmers“—card readers attached to real payment terminals in places like gas stations and ATMs that can steal data off the magnetic stripe on the back of your (and everyone else’s) swiped debit card. And despite roadblocks, these thieves are getting more creative… and may have found a new way to steal your private information.
The latest tools in the world of electronic thievery are deep-insert skimmers. These completely disappear into the payment device slot where you insert your card. They’re inserted deep within an ATM, “behind the shutter of a motorized card reader, and are completely hidden from the consumer,” Consumer Reports says. In conjunction with minuscule cameras and other devices, thieves can use these deep-insert scanners to steal your PIN number and any other information stored on the magnetic strip of your card.
“As the last few years have proven, skimming technology and know-how have improved and are more accessible to the general population,” T.J. Horan, vice president of fraud solutions at FICO Card Alert Services, told Consumer Reports in an interview. “So we will continue to see increases in compromises and the speed at which they occur.”
And according to a recent study from FICO Card Alert Services, this sort of financial theft is a huge—and growing—problem. There was a 70 percent increase in the number of compromised debit cards at ATMs and card readers in 2016. On top of that, the number of card readers at the same kinds of locations that were hacked went up by 30 percent.
You’re at a much greater risk for this kind of financial theft if you use nonbank ATMs, like the ones in convenience stores and hotel lobbies. It’s also more likely you’ll have your information stolen at places like remote gas stations or other “out-of-the-way merchants,” says Michael Betron, a FICO senior product manager.
Occasionally, thieves get caught when they return to the scene of the crime to retrieve the skimmers (and the data within them). But now, many newer versions of skimmers can send data wirelessly to the criminals, who can then make duplicate debit cards and wreak havoc with them.
If you do realize that your card has been hacked or tampered with, you need to act fast. The sooner you notify your bank, the better. You could be on the hook for $50, $500 or the entire amount of withdrawal or unauthorized purchases.
“People really need to pay attention,” Katherine Hutt, a spokeswoman for the Better Business Bureau, told Consumer Reports. “We have convenient access to our money 24/7, but so do scammers.”
So how can you protect yourself? First, stay away from those remote gas stations and nonbank ATMs. If you can’t get cash, use the Venmo app to pay back a friend.
Also, you’re better off with a chip card than just a plain old magnetic stripe, says Owen Wild, director of marketing for security solutions at NCR Corporation. These are marginally more secure than old-school cards, but only if you insert just the chip portion of the card into a reader. If you have to insert the whole thing, you can still get your data stolen from the magnetic stripe.
Finally, look at the actual ATM or sale terminal. If something looks off, it probably is. Try wiggling the keypad or the card slot; if it’s loose or seems unstable, don’t use it. The New York City Department of Consumer Affairs also recommends studying the keypad for a raised surface or a strange color—a thief could have tampered with the keypad to record personal information as it’s typed in. Finally, some gas pumps have a security tape that seals the card reader. If that seal is broken or looks off, it’s a sign the reader could be compromised.
This all seems like a depressing amount of information to take in, but it’s better to be safe than sorry. Know where to use ATMs and where not to use them, and know what to look for when it comes to signs of tampering. That’s the best way to protect yourself, your information and your finances.