Law enforcement and security experts are trying to stay ahead of thieves who are using a “skimmer” device to steal debit and credit card numbers. While not yet widespread, it is something that you should be aware of. Here’s how it works. Thieves will open up equipment where a credit or debit MasterCard or Visa is swiped and place a skimmer device in the path of the card reader. For example when you push your card into a gas station pump card reader, a skimmer would be installed so that your card skims over and is read by this hacker tool as it is also read by the gas pump as part of your transaction process. Once that happens, and the thieves retrieve your card number, they have stolen it and can use it for purposes of identity theft. They can also make unauthorized purchases with your card.

How can thieves install this device? First they mustbe able to open up a locked panel of the gas pump.  They can do this with a stolen or duplicated master key for the pumps, used by service technicians. They then have to be able to install the device quickly and exit the scene without getting caught on security cameras. They don’t have to go back to the skimmer to get the numbers but can retrieve them with a simple bluetooth wireless transmission from a hidden nearby spot.

For other devices, such as a movie rental kiosk or touch pad card reader, they simply add a skimmer device that blends in physically with the look of the card reader. This can also be done on ATM machines where thieves install a small camera to also record your PIN number via wireless video as you key it in.

Illegal card skimmer attached to blend in.

Red Box DVD rental kiosks have been known to be modified with skimmer devices that are the same black color as the legitimate card reader. According to Brian Krebs, a security expert who tracks these cases,

Customers who suspect their local Redbox may have been tampered with should contact 630-756-8866, e-mail alerts At redbox.com or notify the manager of the store or restaurant that houses the machine.

Card reader devices are continually being modified to stay one step ahead of this thieving technology, but small merchants in particular aren’t always able to update their gas pumps or PIN pad machines on a regular basis.