Skimming is surprisingly easy

Skimming is not particularly new and its victims have been surprisingly easy targets.

Just last December the head of Britain's anti-terror unit, Commander Janet Williams, had her gold card skimmed after she used it to pay for a restaurant bill. She learned she had lost £5000 only when a transaction was declined a few days later because she was over her credit card limit.

This type of skimming, where corrupt employees use hand-held devices out of sight of the cardholder, has been exploited worldwide for many years now and not just in restaurants but pubs, bars and petrol stations.

Lech Janczewski, an associate professor of information security at Auckland University, said it was difficult to say when skimming began because as soon as technology is developed bad use tends to soon follow.

Mr Janczewski said skimming had gone through various phases and the once quite bulky devices had been refined and more recently used to plug over equipment like automatic teller machines (ATMs). Skimming devices could also be hidden by placing them below a high counter in a shop.

There had also been cases where employees had hidden skimmers in their trousers and pretended a card had not worked. They would rub the card on their trousers as if to clean it but in fact the information on the magnetic strip was being read.

Mr Janczewski said such equipment could be purchased on the internet. The readers were mostly being manufactured in Malaysia, Indonesia and Singapore and many of the users were from eastern Europe countries such as Russia and Bulgaria.

"But next year they may be from somewhere else ... you have be very careful making generalisations."

Mr Janczewski said systems needed to be strengthened through the use of passwords as a way of identifying the authorised user. "We need a device that works in parallel ... but there is a question of economy and whether it all becomes too complicated." Other steps included designing ATMs where it was difficult to attach devices or even simple measures like displaying photos on machines showing what they should look like.

"And if they don't look like the photo then don't use it."

Mr Janczewski recommended people change their pin number regularly as skimmers might not use their information straight away. He also advised them to take care in personal banking, keep an eye on their accounts and report any problems immediately.

When signing up for a card they should ensure the contract protects them from bank fraud.

Mr Janczewski said that it was important to keep the risks in perspective given the thousands of lawful transactions made each day.

Creative thieves:


* Last year a gang of Romanian cash machine card fraudsters were caught in a surveillance operation in Britain. They had fitted false fronts and pinhole cameras to a number of cash machines across London. The information was downloaded to a computer and turned into 1233 counterfeit cash cards which netted them £643,000.


* In Tennessee a couple going to use an ATM found a sign on it which read: "Due to recent fraud attempts at this ATM machine we require you to swipe your card in the reader below before using the machine. We appologise (sic) for the inconvenience." The wife was suspicious about the incorrect spelling and on closer examination they realised the card reader and sign were held in place with double-sided tape.


* British police in 2003 warned people to watch out for the "Lebanese loop" scam where a piece of plastic with a sticky loop of tape at its back would be fitted into a cashpoint machine slot. When customers try to use the machine their card gets stuck inside. Assuming it is swallowed they walk away. The fraudster retrieves the card and uses it to withdraw money.

* In Connecticut two men opened a fictitious ATM leasing company. They installed an ATM that was programmed to capture pins and account numbers in an exclusive shopping mall. They disabled the other ATMs by jamming their ports with plastic cards and super glue to steer transactions to their machine.