Nov 232017
Free standing ATM machines

Steven Seamark |

Part 1 Part 2 | Part 3

Freestanding, non-bank ATMs are one of the riskiest places to use your debit card. You know those ATMs you see at gas stations, convenience stores, airports and even sometimes at hotels and restaurants? Those machines are extremely vulnerable to hacking. Because of the high volume of traffic, it’s easy to for thieves to install skimmers unnoticed. And the staff at these places are typically not trained to spot skimmers or to notice if something is off or different about the ATM machine.

Using the external ATMs at the bank itself also presents a risk (though not as great a risk) for two reasons. One, because these machines are not supervised at all times, they are susceptible to being hacked / skimmed. The FBI’s fraud division suggests checking for signs that the ATM has been tampered with or damaged in any way, such as loose parts or screws, or parts that seem added on or mismatched. If you see such signs, don’t use the machine, and report it to the bank.

Second, there is the risk of being robbed if you use the machine after hours or at night.

For these reasons it’s safest to use the ATM inside the bank whenever possible.

Nov 022017
Gas station

Steven Seamark |

Part 1 Part 2

Gas station pumps are the mother lode for hackers and scammers. Why? Because they have constant traffic and no supervision. It’s all self-service, so no one is paying attention to what anyone else does at the pump, and no one from inside is monitoring customers’ activities, especially at busier stations. I visit a very busy Arco station near my house, and though there are four workers inside, I literally have never seen any of them inspecting the pumps.

One common strategy thieves use is to install a skimmer device on the gas pump. The skimmer is a hidden electronic device that is placed over the card reader’s real slot. It is designed to look just like the surrounding machine, so you can’t tell the difference. The skimmer scans and records all the information on your card’s magnetic strip. The thieves then copy this information onto a counterfeit card that will draw money from your account.

However, the thieves still need your PIN number, so they install a hidden camera somewhere nearby, to video you as you enter the PIN. After a few days they remove the skimmer and camera, and they have all they need to hack multiple debit accounts.

Considering the high risk of using your debit card at the gas pump, it’s smarter to either use a credit card, or to actually go in the gas station and use your debit card at the register. Or of course you could pay cash.

Next: Part 4 – Non-Bank ATMs

Sep 152017
Internet shopping

Steven Seamark |

Part 1

We live in a brave new world. Online shopping has captured a huge percentage of the consumer marketplace, and that percentage only grows every year. I admit that I buy hundreds of products online every year, including books, DVDs, web hosting services and memberships to online services like Netflix.

Naturally a lot of online purchases are made with debit cards. If you don’t have a credit card or prefer not to use one, then debit cards are really handy for online purchases. I personally have not had a credit card since the recession (2010 or so) when I got in over my head with credit card debt and had to negotiate a settlement. Since then, I use only my debit card for all online purchases. I don’t know what I’d do without it. Maybe you know the feeling.

Sadly for me and possibly for you, using a debit card online is extremely risky. In fact, it is possibly the riskiest of all places to use your card. You might have strong antivirus software installed on your computer, and you might trust the merchant. That’s all well and good.

The problem is that an internet transaction is susceptible to interception or hacking at multiple points. Data could be stolen at the endpoint, meaning at your end, the consumer’s, especially if your computer or mobile device is not secure and is used by other people.

Data could also be stolen at the midpoint, where someone might be hacking into the wireless network.

Lastly, as we have seen in several high-profile breaches, data could be stolen at the start point of the transaction, meaning the seller. We see examples of this all the time, where hackers break into the computers of large-scale retailers and steal thousands or millions of debit card and credit card numbers.

Next: Part 3 – Gas Stations


Jul 082017
Where not to use your debit card

Steven Seamark |

Debit cards look just like credit cards and can be used in much of the same ways, so we sometimes make the mistake of thinking they are the same in all respects. They are not. There’s an important risk that comes with debit cards that is not present with credit cards: it’s much harder to recover your money in case of fraud.

With a credit card, if you find a fraudulent charge on your statement you can dispute it and refuse to pay, and the charges will generally be removed after a cursory investigation.

In the case of debit cards, however, the fraudulent charge draws directly from your bank account. Even if you dispute the charge and eventually get reimbursed by the card issuer, the process can take two or three months, and in the meantime that money is gone from your account, and that could cause some hardship.

So it’s best to be careful where you use your debit card. Here are four places where the risk is especially high:

1. Restaurants

The absolute riskiest place to use your debit card is at a sit-down restaurant.

If you use a debit card to pay your bill at a sit-down restaurant – the kind where the server takes your card away and returns with a receipt – you might well be ordering a side of debit card fraud with your steak and potatoes. During the time the server is gone he/she could make an impression of your card or copy the information.

Even if it’s not a sit-down restaurant – say you call in a delivery order and pay by debit card – some restaurants will keep your card info on file for ease of ordering with future orders. The problem with that is that many small businesses do not have security measures in place to protect your card information.

I consider major chain fast-food restaurants to be an exception. At the drive-in, you hand them the debit card, they swipe it and hand it back just a few seconds later. And major chains will likely have security measures in place. And if you dine-in, of course, you insert the card into the reader yourself. The point being, your card is never really out of your sight.

Next: Part 2 – Internet Shopping

%d bloggers like this: