You’ve likely heard of card skimming, which occurs after a crook installs a special device on a card reader that permits them access to anyone’s credit card information that subsequently uses it. Card skimmers are commonly installed by wrongdoers at gas station pumps or even on ATM machines — places many consumers are likely to visit.
But now there’s a new, similar threat that consumers need to be aware of: e-skimming. This threat is here, and fittingly just in time for the holiday season.
So, what is e-skimming exactly? It consists of an Internet hacker infiltrating a company’s online website and, unbeknownst to the consumer, intercepting the purchaser’s credit card information when they go to check out and pay for their order. There are a couple of things that are concerning about this hack. One, it has already been reported on credible online sites, so even secure websites aren’t entirely safe from this threat. And two, it’s often not detected immediately, but days or perhaps even weeks down the line after fraudulent activity appears on a consumer’s credit card statement. This is because it’s difficult for both the online retailer and the consumer to notice whether or not there’s anything wrong, unlike in a physical environment where they may be able to see a skimming device. Much like traditional card skimming, consumers are still making their purchase — but being it’s made online, and the retailer isn’t the only one with access to the credit card information.
Top Websites at Risk
According to officials at the Federal Bureau of Investigation (FBI), any online retailer is at risk. However, the types of outlets that are likely to be the most at risk include:
- Ticketing sites (airlines, concerts, sporting events, etc.)
- Utility companies
- Companies in the travel industry
- Large retailers (Home Depot, Target, etc.)
What Can You Do?
Unfortunately, for this new type of threat, the timing couldn’t be worse. We’re just weeks away from Thanksgiving, and the official kickoff to the holiday season, when many consumers will be flocking to not just the stores, but to their computers to carry out their shopping. And being that the FBI is already seeing cases of e-skimming taking place across the country, there’s reason to believe that more widespread efforts will occur as the busy shopping season heats up.
So, what can you do to minimize the risk of getting e-skimmed? Here’s a look at some tips:
- Beware of sites where you have to enter credit card information: Websites that store your credit card information are generally safe, but those where you have to enter it in every time you make a purchase put you more at risk. We’d suggest taking your business in-store with these types of merchants.
- Look for merchants that take Apple Pay, Amazon Pay or PayPal: Like we noted above, these services store your credit card information for repeated use, which are generally safer than having to enter your information every time you buy something.
- Don’t click ads to take you to merchant websites: These ads could have been created by a hacker to take you to their e-skimming page of the merchant’s website. Instead, go directly to the website you want to do business with yourself.
- Use your credit card: If you do make a purchase and enter in your card information, make sure you use a credit — and not a debit — card. That’s because if you see fraudulent activity on your credit card statement, it’s much easier to dispute and faster to get reimbursed than it would if it were your debit card.
- Check your statements: E-skimming concerns or not, be sure to pay closer attention to your bank and credit card statements this time of year. Doing so can help you detect fraud quicker and resolve the issue in a more timely manner.
With the holidays coming, it pays to know some of the potential threats that may be out there this shopping season. E-skimming looks like it’s going to be one of them, but following the steps listed above can help minimize the potential headache of a fraudulent charge as a result.