on Oberm Fur Boots Womens Camel Lined Winter Snow Shoes Ankle Boots Booties Mens Slip Fully Outdoor nrnZXzxW on Oberm Fur Boots Womens Camel Lined Winter Snow Shoes Ankle Boots Booties Mens Slip Fully Outdoor nrnZXzxW on Oberm Fur Boots Womens Camel Lined Winter Snow Shoes Ankle Boots Booties Mens Slip Fully Outdoor nrnZXzxW on Oberm Fur Boots Womens Camel Lined Winter Snow Shoes Ankle Boots Booties Mens Slip Fully Outdoor nrnZXzxW on Oberm Fur Boots Womens Camel Lined Winter Snow Shoes Ankle Boots Booties Mens Slip Fully Outdoor nrnZXzxW on Oberm Fur Boots Womens Camel Lined Winter Snow Shoes Ankle Boots Booties Mens Slip Fully Outdoor nrnZXzxW

on Oberm Fur Boots Womens Camel Lined Winter Snow Shoes Ankle Boots Booties Mens Slip Fully Outdoor nrnZXzxW

From Hand-Held POS Devices to Dummy ATMs
Credit and debit-card skimming can take many forms. Here are the top four credit and debit card skimming attacks hitting U.S. businesses, financial institutions and their customers.

See also:

#1: Hand-Held POS Skimming

The most common type of skimming attack is usually perpetrated by insiders -- a store clerk or waiter who uses a hand-held skimmer device that copies the cardholder data when a customer's card is processed. Once the thief has gets the data from the magnetic-stripe, it's downloaded it to a computer. From there, the card details are duplicated to create so-called "white" cards.

#2: POS 'Swaps'

Retailers are getting hit by so-called point-of-sale swaps, which involve a fraudster trading out an existing POS device with one that has been manipulated to skim card data. This type of attack is what led to the compromise of debit and credit cards used at Hancock Fabrics, as well as other retail locations over the six months.

#3: ATM and Unattended Self-Service Terminal Skimming

ATMs are compromised with skimming devices are placed over the ATM's card-reader. In some cases, other parts of the ATM fascia are covered, to better disguise the skimmer. The skimmer may rely on Bluetooth or cellular technology to remotely transmit card data. Fraudsters often double their efforts with the installation of pinhole-sized camera in brochure holders, light bars, mirrors or speakers to gather PIN details as they are entered. Once the fraudsters collect the PINs and the card numbers, they have enough information to compromise the cards. Pay-at-pump self-service petrol pumps also are susceptible to this type of attack. Authorities have investigated numerous reports of skimming at unattended self-service terminals in different parts of the United States. Separate pay-at-the-pump skimming attacks in Florida and Utah at more than 180 gas stations show the ease with which criminals can install skimming devices on self-service gas pumps and other unattended self-service terminals.

Pay-at-the-pump terminals are vulnerable, namely because they are relatively easy to access. The continued use of default codes or entry for access to the pump's enclosure make them easy targets. Criminals posing as technicians can easily access the terminal and install a skimming-like device inside the enclosure, which is undetectable from the outside. Once installed, these devices are connected directly to the terminal's key pad and card reader, so they collect all of the card data that is swiped and PINs that are entered.

#4: 'Dummy' ATMs

Though not quite so common today as they were 10 years ago, "dummy" or fake ATMs continue to pose concern for the industry. Often resembling smaller, more entry-level-like retail ATMs, these dummy ATMs are often purchased online and installed high-traffic areas. The machines do not dispense cash. Their sole function is to collect card data and PIN details. Oftentimes, these dummy ATMs are powered by car batteries, so that be mobile -- set up on street corners or briefly in front of a heavily visited retail site -- or plugged in to a nearby outlet.

About the Author

Linda McGlasson

Managing Editor

Linda McGlasson is a seasoned writer and editor with 20 years of experience in writing for corporations, business publications and newspapers. She has worked in the Financial Services industry for more than 12 years. Most recently Linda headed information security awareness and training and the Computer Incident Response Team for Securities Industry Automation Corporation (SIAC), a subsidiary of the NYSE Group (NYX). As part of her role she developed infosec policy, developed new awareness testing and led the company's incident response team. In the last two years she's been involved with the Financial Services Information Sharing Analysis Center (FS-ISAC), editing its quarterly member newsletter and identifying speakers for member meetings.




Suede Fur Women's Boots Snow Lined Waterproof Mostrin Boots Lace Flat Winter Up Blue Short Warm HaBqxS

Bootie Nite Date Leather Cole Boot REACTION Women's Black 2 Kenneth Ankle xXB70qfwq

Resources

Latest News

Latest Tweets and Mentions

BnkInfoSecurity

Digital Risk Management: Overcoming The Cumulative Challenges of Modernization, Malice, and Mandates with… https://t.co/QdyOXcfWVb

43 minutes ago. Retweet
DesimusMaximus

RT @ForcepointSec: "There is a mindset issue that exists inside of security, where we try to keep replicating what worked once in the past…

about an hour ago. Retweet
GetCalCISO

FDA to Ramp Up Medical Device Cybersecurity Scrutiny - https://t.co/E0UBvwaWlF https://t.co/aNp5Ru6RCP https://t.co/VvFDQX8wds

about an hour ago. Retweet
alertlogic

#SamSam: Inside One of the World's Top Forms of Ransomware https://t.co/JkLeVOMHM2 #ransomware #infosec https://t.co/OLlAAWpXVT

about an hour ago. Retweet
Follow us on Twitter

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.