Shimming NOT Skimming: The Newest Threaten to Credit Card Transactions

Scammers have now found a way to compromise chip security features to steal information stored on credit cards and bank cards. Through a technique called “shimming”, a sleeker cousin of “skimming”, scammers no longer have to rely on external attachments on ATM's or credit card readers. Shimmers are now small enough to fit easily inside the regular card slot. They act as an interface between the chip reader and chip in any card inserted into the reader. Once inserted, the shimmer will simply read the information on the chip as it is passed to the card reader. Very slick; very troubling.

It’s no longer enough to simply check for a loose or taped face-plate. Since it is becoming increasingly difficult to actually spot a compromised ATM or card reader, it’s better to be proactive to safeguard your cards from unauthorized access. Here are a few tips:

  • Best practice: Use a credit card rather than a debit card for purchases. Credit card companies have more consumer protection procedures in place to help minimize loss in case of fraud, plus consumer liability is less for credit cards than with debit cards.
  • Use ATM's in well lit, high traffic areas.
  • Monitor activity on all credit cards and bank accounts frequently to catch unauthorized charges quickly.
  • Check your credit report frequently to make sure no unauthorized account have been opened in your name.

To learn more about shimming, check out Krebs on Security - ATM ‘Shimmers’ Target Chip-Based Cards. For more tips on how to protect yourself from this form of fraud, go to Redstone Federal Credit Union -  Skimmers and Shimmers: How to Protect Yourself From Card Theft.

To report a scam, go to the BBB Scam Tracker. To find trustworthy businesses, go to bbb.org.