Tips to Avoid Gas Pump Skimming Attacks
Major David Harper of the Madison County Sheriff’s Office offers advice on identifying and protecting yourself from gas pump skimmers.
According to the National Association for Convenience Stores, 37 million Americans refuel every day. 29 million pay for fuel with a credit or debit card. When skimming occurs at a gas station, it usually takes place at only one pump and a single compromised pump can capture data from more than 100 cards per day.
TAKE STEPS TO PROTECT YOURSELF
Use your eyes: Inspect before inserting your card. Take a good look at the keypad and card reader. Compare them to the key pad and card reader on the other pumps. Check the tape seal for signs of tamper. The fuel dispenser door on the pump housing must be open to install a skimmer inside the pump electronics. Most security seals have some type of serial number and/or date printed on them. These seals are much like evidence tape and will show visible signs of tampering. Be sure to look at the card reader itself to see if you can spot anything hidden or installed there.
Use your fingers: Wiggle the card reader to see if it is loose. There are skimmers designed to fit directly over the existing card reader. Pay attention to how it feels when swiping your card for over tightness. Check electronic key pads for overlaid key pads.
Be aware of Bluetooth: Most criminals are now using Bluetooth technology to capture and retrieve credit and debit card information. This is called bluesnarfing or blue skimming. This allows the offender to monitor the pump from several yards away while card information is transmitted to a laptop computer or other mobile device. You may be able to utilize your smartphone to detect an active Bluetooth connection however it will be difficult to determine the origin or exact Bluetooth device. Most smartphones will only detect Bluetooth within five to 15 feet of your location. Keep in mind that all Bluetooth sources will most likely be detected such as headphones or other vehicle radio systems. There are smartphone apps available that claim to detect Bluetooth skimmers by communicating directly with the skimming device and alerting the app user.
BE CRITICAL and DILIGENT: There is no foolproof way to spot skimmers. It is always advisable to pay inside with cash or credit card. Though not impossible, there is less chance of a skimmer being installed on the payment terminal in front of the clerk. Choose pumps closest to the building and in line of sight of the attendant. Use a credit card or run a debit card as credit to protect your personalized pin number and to be covered by zero-liability policies offered by many credit card companies. Utilize fraud alerts offered by most card issuers and be certain to routinely review your financial statements and credit report.
Consider utilizing Apple Pay, Samsung Pay or Android Pay on your mobile device. By using this method your card never goes into the payment reader that may contain a skimmer. Essentially, your credit card company sends a randomly generated 16-number token or code to your smartphone as a stand-in credit card number so your personal information is never exposed. If a scammer is somehow able to intercept the information, they will only have access to a useless virtual credit card number.
Finally, report any suspicious activity relating to fuel pumps, ATM’s, other Point of Sale terminals and personal financial accounts to local law enforcement immediately.