Credit card skimmer alert

[5kidsmommy]

We've had two issues with fraudulent activity on our debit cards over the 15+ years we've been with our bank. The first one they caught before any charges went through, they just cancelled the card and sent us a new one. The second one they let two small charges through, both for under $20 and then attempted a large purchase which our bank flagged and declines. The money was back in our account within 48 hours. I love our bank. But it's a smaller community bank.

When we travel though we prefer to use our credit card.

 

[robinb]

It has been happening at Disney for a long time. Thanks for the heads up though. There is a guy who does it at the MK that CMs were pretty sure was the person skimming the cards but they could never actually pin it on him it was just suspicion. I know during runDisney events the expo is a hot bed for CC skimmers. I've had mine skimmed almost every time I've done a runDisney event and it is so annoying to have to lock your cards and get a replacement or turn on the extra security features until you get home and can get a new card.

How is your card skimmed at theRun Disney events?

 

[wilkeliza]

How is your card skimmed at theRun Disney events?

Any time your card is swiped in a machine it is possible it could be skimmed. Expos are a big deal because the vendors might rent a swipe machine and have no clue their equipment has a skimmer in it or they leave their booths and someone swaps the machine out. It could be coincidence or not but it seems when I buy something at the expos I get flagged for fraud.

 

[peg110]

the vendors might rent a swipe machine and have no clue their equipment has a slimmer in it or they leave their booths and someone swaps the machine out.

Or the employee (or owner) knows that people are coming from all around the world, and it's less likely they would get caught, so they use their custom payment application to gather the information for the legitimate transaction and then turn around and sell your details on the dark web (or similar).

It's really not that hard to capture your details. A basic "Magnetic Swipe" device can do it. and you can buy one for less than $20.00 You can literally hook it up to your PC (no special software needed) and swipe your card. The reader just acts like another input device (like a keyboard or mouse) and will display the contents of the magnetic swipe on whatever application you had opened (like Word, notepad or even a search box in google).

Just because they are a vendor and can accept credit cards, doesn't at all mean that they can't or won't swipe/skim your details.

 

[Mad Stitch]

Card skimmers are common, they are also pretty easy to avoid. Before using ANY card reader, give a slight pull on the device. Card skimmers are usually placed over a legit reader and are meant to be removed easily. So if a card reader moves any when you tug it, don't use it and notify the merchant. Many card skimmers are attached with 2 sided tape.

They are not easy to detect in all cases. They can also be hidden inside a device.

 

[manning]

Problem with that is even with SMART CASH REGISTERS todays kids are not able to do simple addition and subtraction

Sad isn't it. ran into it at a restaurant. long line. Had to show her how to start counting out change starting from the amount of the bill and stop when she reached the amount given to her. The manager didn't even know how.

 

[robinb]

This is why we all need to go to chip and pin cards.

 

[jdfrye]

Reading this thread.... made me think.


I have a home equity line of credit Visa that I was going to use but the charges will not show up online for a couple of days and there is nowhere on the site that shows whats pending. So I went in my US bank and they said it works differently than their checking debit/visa card checking account.


I want everyday purchases to show up during our trip in the mobile app. So, online, I will transfer a small amount to the debit card from the Equity Line account and use that so if the card is lost stolen or skimmed i can have it replaced very soon and have the equity line CC as a backup until i get a new card. Here is the kicker and why I feel safe doing it this way....I put text alerts for EVERY transaction that goes through on my debit card. For example..the card gets used for my motorhome fillup for anything over a $1 i get a immediate text. So anything over $1 and I get a email and a text. If it is used when I'm not using it I go on the mobile app and freeze the card right on the spot. Feeling pretty safe but still taking some cash with me and will be checking every card reader as I go.

 

[TheRustyScupper]

Let me guess its likely a larger regional or national bank. Try giving a local community
bank a try and you will be surprised.

1) We bank with a National Bank and a large Local Credit Union.
2) Both say the same thing about the time it takes to funds reimbursed.
3) Neither will deposit cash back into the hacked accounts just on our say-so.
4) I would love to see the WRITTEN documentation that a bank will immediately restore accounts.
5) Please cut-and-paste your bank's written policy.

 

[North of Mouse]

Banker here. You have the same protections with a debit card as you do with a credit card. Consumer laws apply to both.

I agree. We have been with a credit union for 50 years (started out for company members only - now open to others for quite some time). We have had credit/debit cards with them since they came out. They back us 100% and have proved it over the years. I have no qualms using my debit or credit cards - don't waste a moment of time worrying about either. We 'never' use our debit cards at gas stations, or any places 'outdoors', as an extra precaution.

Just this past year on vacation, they sent us an email for a possible scammed card (it was), and told us to call the number on our card (not even reply to email as they are sometimes sent fraudulently). Extra security for us.
Our card was used at two table service fast food places for approx. $20 each with $10 tips. Who leaves a 50% tip????

Anyhow, we are totally satisified with our credit union.

 

[Sweettears]

1) We bank with a National Bank and a large Local Credit Union.
2) Both say the same thing about the time it takes to funds reimbursed.
3) Neither will deposit cash back into the hacked accounts just on our say-so.
4) I would love to see the WRITTEN documentation that a bank will immediately restore accounts.
5) Please cut-and-paste your bank's written policy.

The regs allow for a delay based on their interpretation of "receiving notice". From whereI sit a customer calling up and providing notice is considered notification. Requiring written notice is a delay tactic. Allowable but lousy service. How is a written notification received from a customer any more legit than verbal?

 

[Eeyore's My Favorite]

Someplace I missed in the conversation the "calculation wasn't quick enough for your liking" They don't have to "figure" at the cash register, it tells them how much change to give, they just take it out of the register and hand it to you in bulk. I think what Peg110 is saying is we remember the time when your bill was $8.58 and you gave them a $10 bill and they actually counted out "2 pennies, 59, 60, dime 70, nickel 75, quarter $9, and another dollar for $10. Now they just take out $1.42 and hand it to you, you have to count yourself to make sure it's right.

I've been a cashier for the last 8 years with being in banking & law previously and I will tell you I ALWAYS count the change back to my customers. I've done it that way since I was 12 years old doing craft shows with my mom. I'm also a person that trains our incoming cashiers & they are always trained to count the change back. Yes our computers do tell us the amount to return to you but sometimes the customers in the middle of the transaction hands you change after you've already completed the computer portion and that does trip up some cashiers.

 

[Uncranky Donald]

Questions: Clearly (hopefully) there's no issue with skimming and CC's linked to MagicBands correct? I don't even know how that would work, my mind is crashing just trying to think of the logistics

Comment: I learned how to count back change at a register/drive-thru in a fast food restaurant, it was my 1st job. Take the total and count up to the amount they gave me. Even if I have a computer screen in front of me, doesn't matter, thats how I was trained back in the 90's and ahefkuawehfya years later I CHOOSE to use an old school register at my own bar and all my bartenders use the same method. There is no POS, no fancy digital screen, just good old fashion math, it's honestly a very secure feeling knowing the power can go out ( and it has) and we're cool

 

[peg110]

Clearly (hopefully) there's no issue with skimming and CC's linked to MagicBands correct? I don't even know how that would work, my mind is crashing just trying to think of the logistics

ANYTIME you use your credit card it is subject to skimming. Skimming does not only mean physically swipping the card on a device intended to steal your information, but if you give your credit card information over the phone to someone, it's effectively the same thing. It all boils down to the end that received the information (or an intercept in the middle such as an "Added" device on the gas pumps or ATMs) and if they will do anything with that information beyond what they are supposed to do.

The "Chipped" cards are making this harder, however, until ALL merchants are required to use the chip instead of the Mag Strip on the card, that risk is still there. You can be assured though, that scammers and Skimmers are working hard (if they don't have it already) on developing a way to capture that "Chip" data too.

So, to answer your question, the CC'S linked to the Magic Bands COULD be skimmed or have the information stolen if the CM at Disney that took the information was not very trustworthy and stole it. That said, I suspect that Disney has TIGHT controls on their CM that it's highly unlikely (but not impossible). Once the CC and MB are "Linked" though, it's not likely that the CC will be Skimmed/stolen from the MB usage. One would have to steal (or clone) the MB and have your PIN as well. Even if they did have that, they could only use it as the "Magic Band" to access things, and that would only be at Disney. They couldn't take it to the local mall and go shopping.

Sorry to be lengthy in my response. I kind of know a thing about fraud, credit cards, technology, PCI, etc...

 

[Eeyore's My Favorite]

ANYTIME you use your credit card it is subject to skimming. Skimming does not only mean physically swipping the card on a device intended to steal your information, but if you give your credit card information over the phone to someone, it's effectively the same thing. It all boils down to the end that received the information (or an intercept in the middle such as an "Added" device on the gas pumps or ATMs) and if they will do anything with that information beyond what they are supposed to do.

The "Chipped" cards are making this harder, however, until ALL merchants are required to use the chip instead of the Mag Strip on the card, that risk is still there. You can be assured though, that scammers and Skimmers are working hard (if they don't have it already) on developing a way to capture that "Chip" data too.
...

Chipped cards have already been hacked. A friend of mine way hacked the very first time he used his card at Walmart. I've also had multiple customers tell me their chipped card has been hacked.

 

[peg110]

Chipped cards have already been hacked. A friend of mine way hacked the very first time he used his card at Walmart. I've also had multiple customers tell me their chipped card has been hacked.

Is the "Chip" hacked or did they get the Mag Strip info?

Still a LOT of places that cannot accept the chip, so they still have to use a Mag Strip. The chipped cards have both chip and mag stripe. not to mention you can manually add information for online orders which does NOTHING with the Chip. So it doesn't mean they have "Hacked" the chip yet (although I wouldn't be surprised).

I suppose my whole point is, no matter what... You are at risk. The ONLY way to not be at risk of having your Credit or Debit card not used is to NOT have or use them. Otherwise, every time you use it, there is a risk. Being cautious though, will help to minimize it.

 

[rajak73]

I CHOOSE to use an old school register at my own bar and all my bartenders use the same method. There is no POS, no fancy digital screen, just good old fashion math, it's honestly a very secure feeling knowing the power can go out ( and it has) and we're cool

I'm also a person that trains our incoming cashiers & they are always trained to count the change back.

I will applaud with teaching that, our local Walmart, (consider the source here) hardly ever counts you change back, and the Target we shop at hardly ever counts the change back, just a "Your change is $1.28, here you go"

 

[Eeyore's My Favorite]

Is the "Chip" hacked or did they get the Mag Strip info

It was the chip that was hacked. Brand new bank card issued. He was not happy either.

 

[rajak73]

It was the chip that was hacked. Brand new bank card issued. He was not happy either.

Please don't read this the wrong way, just a honest question, How did they know it was the chip that was hacked? Did the card not have a mag strip on it to? I though all cards being issued yet used both because not every merchant is required to use a chip card yet.

 

[Eeyore's My Favorite]

Please don't read this the wrong way, just a honest question, How did they know it was the chip that was hacked? Did the card not have a mag strip on it to? I though all cards being issued yet used both because not every merchant is required to use a chip card yet.

Because where it was hacked you can ONLY use the chip if the machine is chip enabled. You can't do either or. Believe me, I am a busines owner and have learned ALOT because of the conversion to chip enabled machines & the hacking!!