Credit card skimmers are getting more advanced and harder to detect especially in ATMs. Skimming is a way criminals steal Credit Card information from their victims by installing a device to ATMs. In fact, CNET reported that the number of compromised money machines has increased from 2014 to 2015 and again in 2016, revealed by an analytics software company – FICO.
This is because criminals are now using virtual skimmers.
This means that criminals can hack into ATMs remotely without having to install any device to the machines physically. Banks have battled this sort of breach by using chips on credit cards that are way more secure than magnetic stripes.
More and more banks are adopting this type of precaution; however, Gas Stations are prone to breaches because they are still using old swipe terminals for their system. This means that criminals have focused their attention on gas stations rather than ATMs.
Criminals can easily install their skimming devices to gas stations
Angel Grant, the director of fraud and risk intelligence at RSA, said that “We’re seeing an uptick of skimmers becoming more common at fuel stations and we anticipate this to continue to grow,” according to a report by CNET.
Gas stations are usually unattended, especially at night time. Criminals may pretend that they are just pumping gas but can actually install their skimming devices in less than 30 seconds. After that, criminals don’t need to touch the skimming devices ever again and can collect the stolen data via Bluetooth.
The Skimmer Scanner app
Apparently, most criminals are using a cheap device called the HC-05. The device is commonly used for educational projects and provides Bluetooth capabilities. Criminals have made the HC-05 their weapon of choice to do their evil deeds.
Since the HC-05 devices are very cheap, only $3 each, its Bluetooth name cannot be changed as well as its default Bluetooth password, which is 1234.
SparkFun’s founder Nathan Seidle used this vulnerability and created an app called Skimmer Scanner that can automatically detect HC-05 devices in gas stations with the use of the default passwords.
However, researchers said that this app is not the long-term solution to card skimmers. They predict that criminals may soon realize the vulnerability of their chosen device and may try to find other ways of accomplishing their evil activities. For now, you can download the app from the Google Play Store.