SALT LAKE CITY — When Roberta Romero logged into her bank card account to pay her bill last month, she noticed an unusual charge — $1.40 from a McDonald’s in Brooklyn, N.Y.
The problem was that she had not been to New York recently and the charge was described as an “in person” transaction.
“On (that day), I was using the same credit card at Hill Air Force Base,” she said. She contacted her credit card company and was told that her card had likely been cloned or “skimmed.”
Skimming is the theft of credit card information used in an otherwise legitimate transaction. Often thieves procure a victim's credit card number using more advanced methods — such as using a small electronic device (skimmer) to swipe and store hundreds of credit card numbers from the magnetic strip on the back of the card or basic methods such as photocopying receipts, according to Charles Groat, Zions Bank senior vice president of Bankcard Risk Management.
Skimming can also occur at businesses such as gas stations when a third-party card-reading device is installed either outside or inside a fuel dispenser or other card-swiping terminal, he added. This device allows a thief to capture a customer’s credit and debit card information, including their PIN, with each card swipe.
Instances of skimming have been reported where the perpetrator has installed a device over the card slot of an automated teller machine or gas pump, which then reads the magnetic strip as the user unknowingly passes their card through it, Groat said. These devices are often used in conjunction with a miniature camera that is inconspicuously attached to the ATM or fueling machine to read the user's PIN at the same time.
For Romero, the episode of having her card skimmed left her feeling a bit uneasy. But she avoided any major losses because she worked with her bank, which canceled the card, and she was not held responsible for the fraudulent charges.
“I was lucky that it was only $1.40 that actually got charged,” she said.
Fraud schemes like skimming have become an increasing problem across the country, said Linda Sherry, director of national priorities for Consumer Action — a San Francisco-based nonprofit national consumer education and advocacy group. Crooks use the duplicate cards not only for purchasing good and services, but also to “drain people’s bank accounts.”
“Some of the (skimming devices) are connected wirelessly,” she said. Scammers from a remote location then access the information.
“It’s a problem for the retail industry,” she said. Card companies are becoming much more proactive about contacting consumers about potential fraudulent activity.
“It is all part of their fraud control measures,” Sherry said.
Maverik, which is based in Afton, Wyo., and operates 250 convenience stores and fuel stations in 10 states including more than 100 in Utah, employs fraud safety measures that comply with the payment card industry standards. Those standards include tamper-proof keypads on their payment devices, said Nancy Couch, Maverik loss prevention director.
“If you put a card into one of the pumps equipped with that technology, then it can’t be skimmed,” she said.
The company also uses added features like tamper stickers to indicate whether a pump has been improperly accessed as well as other procedures to enhance security in an effort to prevent fraud wherever possible.
However, Groat said there is only so much that can be done by retailers to avoid scammers. It will require cooperation between merchants and card companies to improve security as well as consumers diligently monitoring their transactions.
“Customers should review their bank statements … and look for out of pattern transactions,” he explained. “Be collaborative (with their bank) to prevent fraud as much as possible.”