TexasCHLforum.com

This kind of thing has been going on for a while, but it is becoming more sophisticated: Thieves put an overlay on a legitimate ATM that captures the information on the magnetic strip on ATM cards and the PIN. They can then duplicate the card and use it to drain the associated account.

http://online.wsj.com/article/SB1000142 ... lenews_wsj" onclick="window.open(this.href);return false;

I wonder who is manufacturing these devices. They are not garage projects.

- Jim

Discussion and pictures of skimmers here:

http://krebsonsecurity.com/all-about-skimmers/" onclick="window.open(this.href);return false;

seamusTX wrote:I wonder who is manufacturing these devices. They are not garage projects.

http://www.dealextreme.com/products.dx/ ... c%20stripe" onclick="window.open(this.href);return false;

$18 and up, with free shipping.

SmoothFox wrote:Sometimes the nice waiter/waitress will scan your card when he/she takes your card back to run the tab.

As a server, I resent that!
In most restaurants, the payment terminals are within sight of customers and leave little opportunity for a server to do something like this. Also, I think the incidence of servers doing something like this is very low; we're more likely to write in a bigger tip after you leave, assuming you don't take the receipt or copy of your credit card slip with you. I never have, but I've heard of others who have done it. Always take your copy and check it against your statement!

randomoutburst wrote:
As a server, I represent that!

Fixed that for ya! :)

randomoutburst wrote:

SmoothFox wrote:Sometimes the nice waiter/waitress will scan your card when he/she takes your card back to run the tab.

As a server, I resent that!
In most restaurants, the payment terminals are within sight of customers and leave little opportunity for a server to do something like this. Also, I think the incidence of servers doing something like this is very low; we're more likely to write in a bigger tip after you leave, assuming you don't take the receipt or copy of your credit card slip with you. I never have, but I've heard of others who have done it. Always take your copy and check it against your statement!

The waiter/waitress skimming game has occurred several times in the past, I would not consider it rare.

http://www.themonitor.com/articles/card ... tress.html" onclick="window.open(this.href);return false;
http://www.washingtonpost.com/wp-dyn/co ... 02921.html" onclick="window.open(this.href);return false;
http://www.myfoxtwincities.com/dpp/news ... ive-garden" onclick="window.open(this.href);return false;
http://www.valleymorningstar.com/articl ... tress.html" onclick="window.open(this.href);return false;

http://www.creditfyi.com/Identity-Theft ... -Fraud.htm" onclick="window.open(this.href);return false;

The comment was not meant to stereotype all waiters and waitresses, as MOST of them are honest people trying to make a living of $19 checks with $1 tips (but that is another topic). This thread is a good reminder to extend your situational awareness to items in your environment, not just the people in your environment.

After reading that it makes me want to go back to a cash-only transaction basis, but that would mean visiting tellers more often.

Other than the tips given, how does a complete innocent/novice protect oneself from this stuff?

Purplehood wrote:Other than the tips given, how does a complete innocent/novice protect oneself from this stuff?

These devices are usually put on outdoor or unattended ATMs. Using ATMs in bank lobbies should avoid them for the most part.

You can also take a close look at an ATM and recognize the characteristics. The card reader is usually flush with the front panel. If you see a kludgy-looking card reader like the ones in the photos that ELB linked to, pass it by and maybe call the bank.

Also check your bank statements as soon as you get them. I found a credit-card fraud to the tune of about $5,000 that was never explained.

- Jim

I ask because I have found unexplained charges on the same bank card before, and am now on my 3rd-card from that institution. At this point I am pretty-near paranoid.

Purplehood wrote:I ask because I have found unexplained charges on the same bank card before, and am now on my 3rd-card from that institution.

If you find a pattern of fraudulent charges, and assuming that your kids aren't "borrowing" your card or something like that, it suggests that some vendor that you regularly deal with is crooked or has a leak in his electronic card-processing system.

In my case, I had made online charges in two days at three vendors that I had never dealt with before, and a couple of days later the fraudulent charge was registered. I couldn't figure out who might have done it. The credit-card company never told me if they found anything.

- Jim

KaiserB wrote: The waiter/waitress skimming game has occurred several times in the past, I would not consider it rare.

http://www.themonitor.com/articles/card ... tress.html" onclick="window.open(this.href);return false;
http://www.washingtonpost.com/wp-dyn/co ... 02921.html" onclick="window.open(this.href);return false;
http://www.myfoxtwincities.com/dpp/news ... ive-garden" onclick="window.open(this.href);return false;
http://www.valleymorningstar.com/articl ... tress.html" onclick="window.open(this.href);return false;

http://www.creditfyi.com/Identity-Theft ... -Fraud.htm" onclick="window.open(this.href);return false;

The comment was not meant to stereotype all waiters and waitresses, as MOST of them are honest people trying to make a living of $19 checks with $1 tips (but that is another topic). This thread is a good reminder to extend your situational awareness to items in your environment, not just the people in your environment.

Statistically, five instances of this happening (or just being caught doing it) is very low when you consider the number of transactions made daily. I know the number of instances is probably much higher than reported...but once again, consider the number of transactions a day in just one city. One server may run 20 or more credit cards in the course of a shift. There may be 10 servers working at a given restaurant per shift. At ten servers for each of the two shifts per day, that's about 400 credit card transactions for just one restaurant on one day. How many restaurants are in your city? State? The U.S.? And there's 365 days in a year...so finding even a few hundred cases of servers skimming your card, you're at way less than 1% of all transactions.

I know you weren't bashing all servers, but I think that people should be more wary of servers writing in tips than scanning their card. In either case, though, taking your receipts with you and checking them against your statement is an easy way to catch discrepancies. And as always, SA is a good thing and could be extended to watching where your server goes and what s/he does with your card.

Staying on topic with the thread (sort of), my identity was stolen after buying an item online from a vendor I'd never dealt with before. It was only for about $400 on a credit card opened in North Dakota, but it took half a year to get everything worked out...and that was AFTER the 3 months it sat there unnoticed because I checked my annual credit report before this all happened. I will never buy from that vendor again because their server is either unsecured or there's a dishonest person with access to their data. I'm now very wary of any online transaction but continue to pay bills online and purchase from trusted vendors, as I've not had problems with them and am not likely to in the future.

I almost got bit by credit card fraud


03/15/2011 I bought $2.66 of gasoline at a Shell Station on Hiway 281 on my way through Burnet, Texas "Pay at the Pump" (insert card in pump) that's ALL I bought.


Today 03/30/2011 I look at my credit card statement


charges for 03/15/2011

03/15/11 03/15/11
SHELL 57543674402 BURNET TX $ 2.66 Gasoline

03/15/11 03/15/11
US FUND FOR UNICEF NEW YORK NY $ 5.00 Services

03/15/11 03/15/11
AMAZON MKTPLACE PMTS AMZN.COM/BILLWA
NI1H0IR2AJP $ 999.99 Merchandise

Results Total = $ 1,007.65

Credit card company removing the fraudulent charges.
Closing account; issuing new card with new number.
I have to notify my Internet provider (recurring charges)

What evidence do you have that the purchase at Shell had anything to do with the two fraudulent purchases?

The reason I ask is that online transactions like the UNICEF and Amazon charges require the three-digit security code that is printed on the card. I don't think anyone can get that when you use a point-of-sale terminal like a gas pump.

I'm suspicious of online vendors that may have had web sites designed by dodgy designers or have their data processing done by third parties.

The first charge to UNICEF was obviously a test to see if the fraudulent charge would work. At least it was for a good cause.

- Jim

I suspect it was a credit card skimmer device because I only use the card at 3 places normally, and that station I had never been to before.

I use it at Walgreens, HEB and a different Shell station (not in months there though) The one place I never went before, then boom .... I just suspect it. All other charges were valid and normal scanning card at HEB and at Walgreens at the counter and I recall those purchases. On none of my uses was I required to do the 3 digit code and on all purchases I scanned the card myself, not handing it to anyone.

The card people will take care of it though, I don't have to pay anything.
Whatever/whoever's bill got paid at Amazon.com will probably reveal whodunit.

Purplehood wrote:After reading that it makes me want to go back to a cash-only transaction basis, but that would mean visiting tellers more often.

Other than the tips given, how does a complete innocent/novice protect oneself from this stuff?

Like many other things, 100% protection is impossible. A case in point.

I've had a MC with my credit union for years. It is only used locally, never for online purchases, never given to merchants for automatic purchases and literally never leaves my hand unless I there with it. This past Sunday, I got a call from the organization that services that card about several purchases - made in Singapore! A $900 cell phone purchase and two charges at a Singapore marina. Two weeks prior, the only charges that I had made on the card besides those where I swiped the card myself at self-checkout was one charge at a local pizza place. I handed the cashier the card, she swiped it and handed it back to me. So unless there was a skimmer on the Point of Sale terminal or the card has been compromised from a long time ago, there is nothing that I could have done to prevent the situation. I monitored transactions on the card at least every other day. The account is now closed and I have new cards on the way.

Credit cards are a compromise. I prefer the risks to having no recourse with a merchant over a disputed purchase, though I admit that have very few of those. One of the things that I do is never use anyone else's ATMs for cash except for my on bank (BOA). They have plenty of options.

As for the server/tip problem, I always mark that myself and I take a copy of my receipt. I manually match every transaction on my statement to the amount that I entered into Quicken. I've caught all kinds of problems, mistakes and otherwise, by doing that. Sometimes, the errors are my own data entry errors. Some of the others have been just bizarre and would have passed unnoticed if I hadn't made the statement balance work with my own balance.