A thief’s installation of a credit card skimming device on a credit card reader in Brooklyn’s Pomegranate supermarket on Friday was quickly found and neutralized, thanks to the store’s proactive measures.
Security camera footage from the store shows the thief – who was wearing gloves to avoid leaving fingerprints – surreptitiously slipping the credit card skimmer on top of the store’s. Had he been successful, every customer who swiped their credit card at that cash register would have had their information stolen.
Thankfully, that didn’t happen because the store owner, Abraham Banda, says he ensures that the store manager and all cashiers undergo training to immediately spot such things.
In this case, the cashier immediately noticed what was happening, shut down the register, and notified the manager before any shoppers swiped their cards.
Police are now investigating the incident and attempting to identify the perpetrator, who appears to be experienced in such thievery.
A credit card skimming device reads the magnetic stripe on your credit or debit card when you slide it into a card reader at an ATM, gas pump or other point of sale terminal. “The magnetic stripe of a credit card contains the cardholder’s name, credit card number, expiration date and security code,” says Chris Parker, founder of WhatIsMyIPAddress.com and host of the Easy Prey Podcast. “The same data is stored on a debit card as a credit card.” The skimmer then saves this data for future use.
What happens when your credit or debit card is skimmed? Tom Kellermann, senior vice president of cyber strategy at Contrast Security, says hackers use stolen data to rack up fraudulent charges online or over the phone, set up automatic payments, sell your data or create counterfeit cards.
According to FraudWatch International, an internet security organization specializing in online fraud and phishing, skimmed data typically is:
Transmitted to other countries, where the information is copied onto counterfeit cards.
Used to make internet or over-the-phone purchases. This is known as “card not present” fraud.
Used to carry out identity theft. This occurs when a criminal relies on your stolen personal data to set up accounts or take out loans in your name.
What’s scary is that you may not even notice your card has been compromised. Kellermann says some scammers employ the “salami slice” method, where they rack up small charges on thousands of stolen accounts every day or every other day. If you’re not paying close enough attention to your account balance, you’ll miss each “slice” a fraudster takes.
How to Spot a Card Skimmer
A merchant’s payment system might be compromised if you spot a card reader that:
- Is bigger than others nearby.
- Is easy to wiggle.
- Contains a broken security seal on a gas pump.
- Has a pinhole above the keypad, which may be a camera.
As for consumers, here are some strategies to employ to avoid having your credit card data stolen in such a scheme:
– Run your debit card as a credit card without using your PIN
– Cover your hand when typing your PIN
– Pay inside at the gas station
– Use tap-to-pay functionality
– Pay with cash
– Use online or mobile payment services like Apple Pay, Google Pay, or PayPal
– Set up alerts to monitor activity on your credit and debit cards
– Review your statements regularly
– Pick gas pumps in well-lit areas
– Avoid ATMs in out-of-the-way locations
– Stick with your credit card, as it has more liability protection than debit cards
Additionally, experts recommend:
– Resisting the urge to scan random QR codes or click on links from unknown senders
– Turning on automatic updates on your devices
– Using a virtual private network (VPN)
– Setting full-sentence passwords
– Installing antivirus software on all devices
– Turning off Bluetooth and Wi-Fi when not in use
By being aware and taking these precautions, you can significantly reduce the risk of falling victim to credit card skimming and fraudulent scams.
(YWN World Headquarters – NYC)
Join the official YWN WhatsApp status
4 Responses
Please post pictures of the crook that did this! Avrumi the owner of Pomegranate is a great guy kudos to him for training his staff well!
interesting video.
Kill all migrants
OK this second part of the article is a bit fear mongering…
In general:
1. Yes do a quick wiggle / compare to others.
2. Use a credit card if you can, especially chip or phone wallet. Ideally your debit card should only be for a ATM.
The ‘additionally experts recommend’:
1. Automatic updates – sure.
2. VPN — you do NOT need a VPN in the modern age. Every app on your phone use https, a VPN will not make you safer online, its just prevents your ISP from seeing what website you’re going to.
3. Full-sentence password — yes long passwords. More important is setting up two factor authentication where its supported, and use an app for 2FA rather then SMS 2FA. And more more important is using DIFFERENT passwords everywhere, use a password manager. iOS and Android have this built in.
4. Antivirus software — debatable these days. Windows Defender has come a long way. If your kids are constantly plugging in unknown flash drives then might be worth it, but better to have a separate not-internet connected computer for that with not-important files on it. If you do use software, check av-comparatives or similar testing, dont use the preinstalled mcaffee/norton.
5. Off bluetooth/wifi — was a problem in the past similar to VPN, and while this ‘cant hurt’ its probably overkill for the average person. Leaving on will increase odds phone can be tracked if lost.