E-commerce is habitually expanding. The pandemic has exasperated the need to shop online. The number of e-shoppers is increasing, and so is the number of online scammers, skimmers, and cybercriminals. Companies that provide protection services are fighting tooth and nail to stay up to date with their opponents trying to hack and infect your information. One of the fastest-rising methods of online information theft is credit card skimming or e-skimming.

A good way to limit the risks associated with skimming is to have one card for small daily purchases. A card that only has a little money (or a low credit limit) and a second card that you use for larger purchases such as consumer electronics and deposits to online brokerage firms.  Limiting the use of this second card limits the risk of the card getting skimmed.  This, in turn, limits the risk of losing a lot of money if the card gets skimmed.


Are They the Same?

In the security industry, a skimmer usually refers to the hardware device criminals use to steal information on buyers’ cards. When you complete a transaction at a gas pump, ATM and any other payment terminal with skimmer hardware installed, your information will be stolen. This information can include your credit card information which can be used to make transactions online. As of late, the term skimmer has expanded to include any code or malicious software that accomplishes the same objective.

E-skimmers is most commonly a code that is written into the website’s software. While completing your transactions, this code allows criminals to steal your card numbers and Personal Identifiable Information or PIIs. While entering your card information into the online payment form, the software steals your information in real-time as you write it in. Until the scammed card owners or the websites realize the unwelcome hack in the system, e-skimmers can gain access to thousands of credit cards, as exhibited by the recent holiday season Macy’s online store hack.

How Does it Work?

Whether online or a payment terminal, the system works almost the same. By introducing a malicious script of code into the system, hackers, access and record the payment information in real-time during checkout. The information is then sent over to a collection server run by the hacking criminals, and either used to commit crimes or sold to other criminals in masses.

It is actually quite easy for merchants in real life and online to stop breaches once they detect them. However, since the attack on the system is not conducted on the merchant directly, it can take a long time before the merchant notices the breach. Hackers use a backdoor by attacking the merchant through a third-party system, giving themselves the time to gather peoples card data.

Can I Fight It?

When talking about preventing e-skimming the conversation does tend to sound a wee bit like a bunch of clichés. But, these simple, precautions can truly decrease your chances of suffering major losses from hackers or skimmers.

  • CREDIT CARD SKIMMINGBe observant and aware: before using any ATM, or payment terminal or online shop, make sure everything looks proper. Check for any tampering of the hardware. When online make sure there is nothing out of the ordinary with the site that should raise suspicion.
  • Actively monitor your accounts: Many trusted businesses have recently been hacked, so it is possible to get your information stolen even at a reputable online store. Make it a habit to check your online accounts for any irregular transactions. This can help you stop the skimmers on their tracks.
  • Use protective software: There are several big brands who work in providing their users with a less risky and safer environment to conduct their online business. These programs for your devices that monitory your online activity to prevent any theft of information and access to your PIIs.

Online shopping is not going away, but there are definitely smarter ways to do it. Protecting yourself online can be the difference between losing everything and nothing. Skimmers will do anything to access your information, so you should do the same to stop them.