According to Candid Wüest, senior threat researcher at Symantec, the devices often take the form of an additional card reader that is placed over the original and records any data that passes through it.
“Skimming devices can be combined with a doctored keypad that is placed over the real one or a small video camera that records the PIN code entered for each card.
“Newer versions even contain a GSM module that will send the encrypted dumps back to the attacker. Video footage from surveillance cameras has shown that scammers can install the fake keypad and card reader in under five seconds,” he says.
Once the criminals have the information, they have the card number and can clone the credit card.
Says Wüest: “The clones can be almost indistinguishable from authentic cards, often including holograms and embossed gold numbers. If the criminals have recorded the PIN codes, the cards can be used at any ATM to withdraw cash.”
Spotting a skimming device is not easy as the devices are highly sophisticated and usually match the look and feel of the credit card or teller machine.
“Consumers should look out for any attached keypads or strange looking card slots. Often they are fixed point mounted and create a small overlap that just looks a bit odd and wiggles a bit.”
Wüest stresses that this type of thievery is not confined to the developed economies and that travellers should be particularly wary when abroad.
“For example, thousands of football fans will be travelling to South Africa in a couple of months for the 2010 World Cup. While the country is a developing economy, it has a highly sophisticated and modern banking infrastructure and credit card fraudsters to match it,” he says.
“The point is that credit card skimming can happen virtually anywhere so while enjoying what South Africa has to offer over and above the World Cup, travellers are advised to pay special attention to what happens to their bank or credit cards, wherever they use them.”
Analysts at Symantec have noted a worrying increase of so-called credit card dumps on offer in criminal underworld over the past year. Dumps are copies of the information stored on the magnetic stripe of the original card usually obtained via electronic ?skimming devices? fitted to the credit card machine or bank teller.