Going to an actual attendant and paying cash for gas is something fewer and fewer of us do every year. But for all the problems of cash, it might be less risky than sticking your credit card in any old gas pump, where a skimmer can grab and steal your data with very little effort. And those skimmers are everywhere. Case in point? Arizona.
Security expert Brian Krebs this week delved into the scourge of pump skimmers showing up in The Grand Canyon state of late.
Why Arizona? Well, for two reasons. One, because the state has kept accessible records handy for researchers like Krebs to read, and from which he could create a cool map of incidents.
But also because gas stations there have proven to be super-easy targets, Krebs writes: the vast majority of stations that have been hit are missing fairly low-tech counters. They don’t have security cameras, nor do they have tamper-evident seals on the pumps. That means basically anyone can mess with the pump’s payment system, and nobody will notice or be able to track who.
And messing with those pumps is painfully easy, Krebs continues, because most of the stations where skimmers have been found are still using the factory-default locks on the pumps — meaning basically anyone with a master key could pop ’em all open.
It’s easy to pick the lowest-hanging fruit, basically. The thieves are targeting smaller, independent stations likely to have fewer resources than a massive chain, and worse security practices. They tend to be near highways, for a quick getway.
And since more and more skimmers use bluetooth wireless techology, nobody has to come back suspciously to the scene of the crime to collect the data. They only have to pull up, as if pumping gas, to download it from nearby.
In short, Krebs says, the available data point to “a clear trend of fraudsters targeting owners and operators that flout basic security best practices.” And Arizona, he adds, is just a microcosm — this is happening everywhere (like Dallas and New England and…).
As for what you can do, well, the answer is probably not all that much. By all means, have a good look at any credit card slot before you put your card in, and don’t ever use one that seems suspicious. But skimmers are getting smaller and easier to hide all the time so in the long run, your best bet is always going to be keeping a tight eye on all your statements and reporting any fraudulent charges to your bank ASAP.
Inside Arizona’s Pump Skimmer Scourge [Krebs On Security]
Aucun commentaire:
Enregistrer un commentaire