サイトアイコン THE SIMPLE

What is skimming? – Data Security Terminology

Explanation of IT Terms

What is Skimming? – Data Security Terminology

In the realm of data security, “skimming” refers to a malicious practice wherein unauthorized individuals obtain sensitive information from credit card or debit card transactions. Skimming is often performed by installing electronic devices or software on legitimate payment terminals, ATMs, gas pumps, or other devices that process card payments.

These devices, known as skimmers, are designed to discreetly capture the cardholder’s data, including the card number, expiration date, and in some cases, the cardholder’s name. Skimming is a form of identity theft that allows criminals to create or clone counterfeit cards, make unauthorized purchases, or even access the individual’s bank account.

Skimming can occur in various settings, from physical terminals to online platforms. Here are a few common methods that skimmers employ:

1. Physical Skimming

In physical skimming, criminals tamper with legitimate card reading devices to steal card information. They typically attach skimming devices over the genuine card reader or replace the reader entirely. These devices are almost impossible to detect by an unsuspecting card user.

For example, a skimmer can be affixed to an ATM’s card slot, and a camera or a fake PIN pad overlay is installed to capture the user’s PIN code. The skimmer records the card data, and the camera captures the PIN code, allowing the criminals to access the victim’s account.

2. Virtual Skimming

Virtual skimming, also known as online skimming or Magecart attacks, occurs on e-commerce websites. Cybercriminals inject malicious code into the website’s payment processing pages, which secretly captures the cardholder’s data during the checkout process.

This method of skimming is particularly alarming because customers are virtually unable to detect any suspicious activity while making online purchases. The compromised website continues to operate normally, leaving the skimming code undetected by the website administrators and security systems.

3. Contactless Skimming

Contactless skimming involves using NFC (Near Field Communication) readers or mobile applications that can remotely capture the card’s data without physical contact. Criminals with these devices can obtain card information by merely passing near the victim, as long as the victim’s card has contactless payment capabilities.

It’s essential to note that contactless card technology is generally secure and employs encryption to protect the cardholder’s data. However, instances of skimming can still occur in situations where security measures are compromised or vulnerable.

Protecting Yourself from Skimming Attacks

To safeguard against skimming:

By staying vigilant and taking precautionary measures, you can significantly reduce the risk of falling victim to skimming attacks and safeguard your sensitive cardholder information.

Reference Articles

Reference Articles

Read also

[Google Chrome] The definitive solution for right-click translations that no longer come up.

モバイルバージョンを終了