As called ATM swiping machine

A credit card skimmer is a malicious device that criminals plug into a payment terminal - most commonly at ATMs and gas pumps. If you use a device that has been compromised in this way, the skimmer will make a copy of your card and record your PIN (if it is a debit card).

If you are using ATMs and gas pumps you should be aware of these attacks. Armed with the right knowledge, it's actually pretty easy to spot most skimmers - although these types of attacks have become more and more advanced.

How skimmers work

A skimmer traditionally has two components. The first is a small device that usually slips over the card slot. When you insert your card, the device makes a copy of the data on your card's magnetic stripe. The card goes through the device and enters the device so everything works normally - but your card data has just been copied.

The second part of the device is a camera. A small camera is placed somewhere where it can see the keyboard - perhaps on top of an ATM screen, just above the number pad, or on the side of the pad. The camera is pointed at the keyboard and captures your PIN entry. The terminal continues to function normally, but the attackers simply copied your card's magnetic stripe and stole your PIN.

The attackers can use this data to program a fake card with the data on the magnetic stripe and use it at other ATMs and withdraw money from your bank accounts.

All in all, skimmers are also getting more sophisticated. Instead of a device that plugs into a card slot, a skimmer can be a small, imperceptible device that plugs into the card slot and often does shine is called.

Instead of a camera pointing at the keyboard, attackers can also use an overlay - a fake keyboard that is placed over the real keyboard. If you press a key on the wrong keyboard, it will log the key you pressed and press the real key below it. These are harder to see. Unlike a camera, they also capture your PIN.

Skimmers generally store the captured data on the device itself. The criminals have to come back and get the skimmer to get the captured data. However, more skimmers are now sending this data wirelessly via Bluetooth or even cellular connections.

How to locate credit card skimmers

Here are some tricks for discovering card skimmers. You can't turn off every skimmer, but be sure to do a quick look around before withdrawing any money.

  • Wiggle the card reader : If the card reader moves when you try to wiggle your hand is incorrect. A real card reader should be attached to the terminal so well that it cannot move - a skimmer overlying the card reader can move.
  • Look at the terminal to: Take a look at the payment terminal for yourself. Does everything look a bit out of place? Maybe the bottom plate is a different color than the rest of the machine because it's a fake piece of plastic that is placed over the real bottom plate and keyboard. Maybe there is some strange looking object that contains a camera.
  • Examine the keyboard : Does the keyboard look a bit too thick or does it look different than if you had used the device before? It can be an overlay on top of the real keyboard.
  • Check for cameras : Think about where an attacker is hiding a camera - somewhere above the screen or the keyboard or even in the brochure holder of the device.
  • Use Skimmer Scanner for Android: If you are using an Android smartphone there is a great new tool called Skimmer Scanner that will scan for nearby Bluetooth devices and detect the most common skimmers on the market. It's not foolproof, but this is an excellent tool for finding modern day skimmers that will transmit their data over bluetooth.

If you find something seriously wrong - a moving card reader, hidden camera, or keyboard overlay - alert the bank or the company in charge of the terminal. And if something is wrong, go somewhere else.

Other basic safety measures you should take

You can find common, cheap skimmers using tricks like trying to jiggle the card reader. But here's what you should always do to protect yourself when using a payment terminal:

  • Protect your PIN with your hand : When entering your PIN into a terminal, shield the PIN pad with your hand. Yes, that doesn't protect you from the most nifty skimmers that use keyboard overlays, but you're far more likely to get caught in a skimmer that uses a camera - they're much cheaper for criminals to buy. This is the first tip that you can use to protect yourself.
  • Monitor your banking transactions : You should check your bank and credit card accounts online regularly. Look for any suspicious transactions and notify your bank as soon as possible. You want to find out about these issues as soon as possible - don't wait for your bank to send you a printed statement a month after a criminal withdrew your money from your account. Tools such as or an alert system offered by your bank can also help here and notify you of unusual transactions.
  • Use contactless payment systems: If necessary, you can also protect yourself using contactless payment tools such as Android Pay or Apple Pay. These are inherently secure and completely bypass any type of swipe system, so your card (and card data) never really gets anywhere near the terminal. Unfortunately, most ATMs still don't accept contactless withdrawal methods, but this is becoming more common with gas pumps.

The industry is working on solutions ... Slowly

Just as the skimmer industry is constantly trying to find new ways to steal your information, the credit card industry is developing new technologies to protect your information. Most companies have recently switched to EMV chips, which make it almost impossible to steal your card details because they are much harder to replicate.

The problem is that most card manufacturers and banks have adopted this new technology fairly quickly. Many card readers - payment terminals, ATMs, etc. - continue to use the traditional swipe method. As long as these systems are still in place, skimmers will always be a risk. To date, I cannot say that I have seen a single ATM or gas pump terminal using the chip system, both of which have the highest likelihood of attaching a skimmer. Hopefully we will see the chip system become more productive at payment terminals in 2018.

But until then, you can use the steps found in this part to protect yourself as much as possible. Like I said, it's not foolproof, but doing what you can to keep your data safe and your finances is never a bad idea.

To learn more about this terrifying topic - or to see photos of all of the skimming hardware - check out Brian Krebs' All About Skimmers series on Krebs on Security. It's a bit dated, with a lot of the articles dating back to 2010, but it's still very relevant to today's attacks and worth reading if you're interested.

Image source: Aaron Poffenberger on Flickr, Nick v on Flickr

What is cloudd and why is it running on my mac?

You may have noticed that your Mac is running something called cloudd while using the Activity Monitor. Should you be concerned? What's this? This process is part of macOS and is related to iCloud. RELATED: What Is This Process, and Why Is It Running on My Mac?


How to find the serial number of your Windows PC

Windows does not display your PC's serial number anywhere on its user interface, nor does it display any known system information tools. But you can often find a PC's serial number with a simple command, a look in your BIOS, or on the hardware itself. Run the WMIC command open a command prompt window to begin.