Connect with us


Skimming – Recognize Personal Data Theft Modes and Tips to Avoid Them

The case of breaking into the account of a BCA customer with the initials HAK who lost Rp135 million has recently been in the spotlight because it had gone viral on Twitter and Instagram social media. He admitted that he had never made any withdrawals or other transactions with such a large value.

When traced by the bank after the victim contacted BCA customer service, it turned out that there were traces of transactions worth Rp. 135 million from the victim’s account that occurred in Surabaya, East Java, while HAK is domiciled in Bandung, West Java.

The cash withdrawal process was carried out 4 times for the type of withdrawal of funds of IDR 2.5 million. Then there is a record of transferring funds to 2 different account numbers with a nominal value of Rp. 100 million and Rp. 25 million.

The BCA bank also reported that it had returned 100% of the funds to the victim’s account because they considered that the account burglary was not due to the customer’s fault or negligence.

However, at the same time as this incident, the bank said it might be due to skimming (duplication of customer cards). But what is skimming? What are the types and modes?

Confused about finding the best credit card? Cermati has a solution!

Definition of Skimming

Skimming or card skimming is the act of stealing personal information or data (account numbers, ATM PIN/credit cards and so on) by illegally copying the information contained on the magnetic stripe of a debit or credit card.

By modifying the hardware or software of payment instruments or using a card reader (skimmer). The theft of customer data stored on credit and debit cards often occurs when transactions at ATM machines or swipes with EDC machines.

After that, the perpetrator will obtain the information by illegally copying the data on the magnetic stripe of the debit or credit card. That way, the perpetrator can steal funds belonging to the victim without being noticed by the owner.

Generally, after the perpetrators have the victim’s data, they will make a dummy card or clone to make a transaction. The aim of cybercriminals to commit fraud is to steal the victim’s personal data and use it to access and drain money in the victim’s account.

Types of Skimming You Should Know

Skimming is a high-level crime that requires expert-level intelligence and technical skills. Therefore, only certain people can do it. Here are some skimming techniques that are widely used to carry out data theft and account breaches:

1. Use a Card Reader

Using a card reader is the most commonly used skimming technique. You do this by sticking a card reader (card reader) that is very thin and even difficult to see into the mouth of the ATM.

So, when you enter the UK card into an ATM that has a card reader installed, all data from debit, credit, to card PIN numbers will be entered into the card reader.

2. Installing a Hidden Camera

Usually, the person will install a micro camera at the top of the PIN board or ATM mouth that can detect all your activities. Including entering a debit or credit card pin. This micro camera can also be installed in an angle that can look directly at the ATM machine button to enter the PIN.

3. Fake ATM Mouth

The shape and size of the fake ATM mouthpiece is usually exactly the same as the original ATM mouth, so many people cannot recognize the double mouth of the ATM. So when you withdraw some money from the ATM machine and it doesn’t come out, it could be because the money that goes into the mouth of the ATM is fake.

4. Additional Layers on the ATM PIN Button

This technique is by adding an additional layer on the PIN button, usually this technique is done at the same time as placing the micro camera in the mouth of the ATM. So, when the micro camera picks up the ATM card number, an additional layer of fake PIN will record your PIN number.

5. Sending SMS/Link to Personal Email

Apart from ATM machines, skimming can also be done by sending content containing the lure of gifts, discounts, credit bonuses, tour packages, online loans, and others either via SMS or email.

This technique is used under the pretext of withdrawing the prize, the victim will be lured into an ATM machine and directed to follow instructions given by the perpetrator such as transferring funds or top-up e-commerce balances.

Or it could be by directing the victim to click the link from the email that has been sent to withdraw the prize and directing them to a fake website that is similar to the official website of the victim’s bank account which finally makes the victim fill in the username, password and OTP code that can be recorded by the website.

Tips to Avoid Skimming Scam Mode

1. Avoid Lonely ATM Locations

If you want to make a transaction via ATM, it would be better if it was done in a more crowded location. Because a quiet location has the potential to facilitate the actions of people who want to commit crimes.

Avoid visiting ATMs that are not maintained because they are prone to fraud. Choose an ATM that is located safely, such as a branch bank, central bank or mall, supermarket or hypermarket, or gas station.

2. Make sure the ATM has CCTV

Security in the ATM room, one of which has CCTV in it. With CCTV, of course, all situations will be recorded and monitored directly at the bank office. So you don’t have to worry about using an ATM.

3. Checking the ATM Machine

Pay close attention to the physical condition of the ATM machine and its surroundings, if there are irregularities such as scratches, tape, glue marks on the ATM machine, do not make transactions. In addition, pay close attention to the insertion of the card and the keypad (number keys).

If there is anything suspicious, you should immediately report it to the officers / authorities and immediately cancel the transaction.

4. Changing PIN Periodically

It is very important to change your ATM PIN on a regular basis. The goal is for security and to avoid various kinds of fraud risks. Change your ATM PIN with a maximum period of once every three months. Use a unique PIN, avoid birthdays or consecutive numbers.

5. Using a Virtual Credit Card

If it turns out that the virtual credit card has been skimmed, there is no need to replace or block the original credit card. You just need to close the virtual card number. The virtual card feature can be created through the site, and it can also be through the card issuer’s official website.

6. Delete Emails from Suspicious Email Addresses

Check your inbox and spam emails and look for incoming emails with suspicious addresses. Like there or Improper use of numbers in email addresses and inappropriate case.

7. Save or Destroy Proof of Transaction

Usually on the proof of the transaction there is an account number listed, so it can be misused by an irresponsible group of people. This of course can harm someone. So, after making a transaction at an ATM machine, you should save or destroy the proof of transfer by tearing it to the smallest part.

8. Change Magnetic Stripe Cards to Chip Cards

Chip-based cards are believed to be safer from burglary because the data stored on the chip has been encrypted so it is not easy to read. Of course, it is different from magnetic tape ATM cards which are proven to be easy to break into.

9. Checking the EDC Machine

When using an ATM/Debit card at a merchant/store that cooperates with the banking sector, please pay attention to the condition of the EDC (Electronic Data Capture) device.

Note, if there is a suspicious device, do not do the transaction and immediately report to the nearest bank/authorities.

10. Activate SMS Banking Service

By activating this service, you can immediately find out if there are unknown transactions from your account. So, you can more quickly report this to the bank. So that your account can be immediately blocked temporarily to avoid bigger losses.

Increase Vigilance for Transaction Security

Personal data is sensitive and can be stolen very easily. Not only account breaches can be carried out using personal data. But other illegal activities can also be carried out by using personal data that has been stolen by irresponsible people.

So, in addition to securing banking data, make sure you are also painstaking in securing personal data. Such as not carelessly giving ID numbers, cellphone numbers, personal emails or names of biological parents.

Click to comment

Leave a Reply

Your email address will not be published.