Topics Types of Bank Fraud 12 Most Common Types of Bank Fraud Account Takeover (ATO) Fraud Check Fraud ACH Fraud Real-time Payment Fraud First-Party Fraud Wire Fraud Zelle Fraud Types of Card Fraud Credit Card Fraud Debit Card Fraud Lost or Stolen Card Fraud Card Skimming Chargeback Fraud Card Not Present (CNP) Fraud Fraud Defenses Anti-Money Laundering (AML) Crowdsourced Abuse Reporting Device Fingerprinting Real-time monitoring Email Reputation Service IP Reputation Service SR 11-7 Compliance Supervised Machine Learning Suspicious Activity Reports (SARs) Two-Factor Authentication (2FA) Unsupervised Machine Learning Fraud Tactics Bot Attacks Call Center Scams Card Cloning Credential Stuffing Data Breaches Device Emulators GPS Spoofing Money Mule Scams P2P VPN Networks Phishing Attacks SIM Swap Fraud URL Shortener Spam Web Scraping Fraud Tech Device Intelligence Feature Engineering Identity (ID) Graphing Fraud Types Application Fraud Transaction Fraud Payment Fraud Bust-Out Fraud Buyer-Seller Collusion Content Abuse Money Laundering Loan Stacking Synthetic Identity Theft Cryptocurrency Scams Pig Butchering Scams What You Need to Know About Card Skimming Scams The most successful fraudsters know how to attack when we have our guards down. In the case of card skimming, the scammer doesn’t even need to be present to steal card information. What’s scarier is they steal it from us at places we trust—ATMs, gas pumps, even restaurants. Learn how card skimming works, what card skimmers use to steal card information, and how to fight them. What is Card Skimming? Card skimming is a financial fraud involving the illegal capture of a victim’s card information using a device known as a skimmer. Once a fraudster skims a victim’s card information, they can use it to create cloned cards or use it for online transactions. What are Card Skimming Devices? Card skimming devices, or card skimmers, are small electronic devices that steal card information at points of sale. They’re designed to blend in with legitimate card readers, making them difficult to spot. Hidden cameras, illegal components inside a card reader, and devices on top of the actual reader can all skim card information. Some fraudsters can build their own skimmers, but many choose to buy them on the black market. Can Chip Cards be Skimmed? Embedded microchips in cards enhance security and reduce the risk of card skimming. That’s because chip cards generate a unique transaction code for every sale, unlike magnetic strip cards. This also makes it harder to clone chipped cards even if the skimmer does get the card information. Chip cards aren’t immune to credit card skimming, though. Fraudsters can still tamper with legitimate card readers and skim that way. Can Contactless Cards be Skimmed? Contactless cards are generally resistant to traditional skimming techniques. They use both encryption and verification to protect the card’s data and prevent skimming credit cards. But, like chip cards, no card is completely immune to card skimming tactics. Sophisticated criminals have still found ways to exploit vulnerabilities in contactless card systems. Some have skimmers that can intercept communication between a card and the point of sale. That’s why card issuers track and address emerging threats to keep card technology a step ahead of skimmers. Common Card Skimming Methods There are many different types of card skimmers. The methods card skimmers choose depend on where they’re stealing card information from. Physical or Overlay Skimmers Physical credit card skimming devices go on top of legitimate card readers and blend seamlessly with their appearance. You’ll find these skimmers at ATMs, gas pumps, or other outdoor payment terminals. They capture the magnetic stripe data and often use a camera to capture the victim’s PIN. Wireless Skimmers For more secure cards like chip or contactless, advanced wireless skimming devices steal card data remotely. Fraudsters install them near a payment terminal, close enough to collect data without physical contact. Internal Skimmers When fraudsters break into a merchant’s systems or networks, they install malware that captures card data as it processes. This internal skimming is very difficult to spot and can affect a huge number of customers before its finally removed. Card skimming scams to watch for The scam is just as important to card skimming as the skimmer device itself. Here are some of the most prevalent card skimming scams to watch for: Point-of-sale (POS) Skimming This is when fraudsters use physical overlay skimmers to steal card information. How they do it depends on where the skimmer is going: On ATMs, they attach overlays on the card reader and hidden cameras to capture PIN entry On gas pumps, they break into the pump using master keys, then add a skimmer to the card payment slot On handheld card readers at restaurants or bars, they can attach a skimming device or hack the handheld reader to capture card info Card Trapping Card trapping scams are similar to POS scams. The difference is instead of copying and saving the card information from the skimmer, the device traps the card so it won’t eject. Then they can come back later and take the cards they’ve trapped. Online Skimming Online skimming scams, or e-skimming, steal card information directly from e-commerce websites. Fraudsters add malicious code into payment pages that intercept card data at checkout. Sites without an SSL certification (https) are especially vulnerable to these attacks. Bluetooth Skimming Bluetooth skimmers capture and send stolen card data wirelessly. Fraudsters place them near tap to pay terminals so the skimmer can steal the card information as the victim pays. Because they can grab card data without direct physical contact, they’re one of the most flexible skimming methods. Can AI Catch Card Skimming? Artificial Intelligence (AI) plays a crucial role in combating card skimming. The machine learning tools enhance fraud prevention by spotting fraud patterns in vast datasets. Platforms like Datavisor’s use cutting-edge AI algorithms to detect anomalies in customer behavior—even in real time. It detects card skimming specifically by flagging suspicious transactions, like multiple card uses in different locations within a short timeframe. It identifies the cards in these transactions and checks if they are stolen or have been cloned. AI-powered platforms can continually evolve to improve detection accuracy and help fraud prevention teams stay one step ahead of fraudsters. They also unearth connected fraud and crime rings by creating device footprints of criminals. See how DataVisor’s AI powered fraud prevention catches card skimmers in real-time in a personalized demo.