On the right of this photo is a 1-euro coin, which is more or less the size of a U.S. dollar coin. On the left is a super-thin skimmer recovered from the card-reader slot of an ATM in Europe. Powered by a watch battery, it was only found when the ATM displayed a “fatal error” message and a technician came by to figure out what was wrong.
The bank that showed this skimmer to Krebs on Security wants to stay anonymous, but is somewhere in Europe. While credit and bank cards in Europe in theory use EMV (computer chip) instead of magnetic strips, they still often have magnetic strips in order to be backwards-compatible in countries that still use magnetic card readers.
When it comes to skimmers, there are a few very basic precautions that you can take to prevent having your bank account drained by a skimmer.
1. Cover your hand while inputting your PIN. Imagine that there’s a camera somewhere above the screen pointing down at your hand, because sometimes there is.
This method is not foolproof: some skimmers use a false PIN pad to capture numbers instead, so shielding your hand wouldn’t work. Most skimmers recovered recently use separate data capture devices and cameras, though, so it’s a helpful tactic. This might mean using walk-up instead of drive-up ATMs if, like me, you’re too short to reach the machine with two hands while sitting in a car.
2. Use a credit card to reduce your fraud liability at a gas pump or kiosk. This one might be a little too obvious, but fraudsters can’t drain your bank account if they don’t have access to it. Yes, you will eventually get the money back, but an empty bank account can lead to a very unpleasant week.
Stealthy, Razor Thin ATM Insert Skimmers [Krebs on Security]