4 Ways Credit Card Information is Stolen

4 Ways Credit Card Information is Stolen

If you’re a credit card holder, then you’re high on the list of credit fraud targets.  But how do the thieves who want your credit information get it?  And how do you stop it from happening?


number one in blue box  Card Skimming Devices

What are card skimming devices?  Card skimmers are small, flat devices that are a bit thicker than a credit card. Inside the skimmer is a magnetic strip that gathers card information. When the card is slid through the skimmer, just as you would just slide it through a card payment terminal at a merchant.

When this type of fraud is typically used?  The fraudster has to use the skimmer covertly. This is why card skimming is reputed to happen frequently in restaurants. A dishonest server takes your card out of sight, runs it through the skimmer, and then returns the card along with the bill.  

How to avoid being the victim of card skimming: Only pay at point-of-sale locations where you can see how you card is handled, or pay with cash instead of plastic anywhere your card would be taken out of sight to process payment.    

number two in blue box  Decoy Card Terminals

What are decoy card terminals? Decoy card terminals look like the real thing — and the fraudsters are fast at making the swap.

When this type of fraud is typically used?  ATMs and point of sale locations at retailers are the most popular targets, as these terminals receive an exceptionally large volume of card swipes. Decoy card terminals have also been found on gas pump terminals, vending machines, and parking meters. 

How to avoid being the victim of decoy card terminals:  Many ATM owners have gone on the offensive by placing special security indicators on ATM terminals to show whether the terminals are tampered with and retailers as well as departments of transportation have anchored card terminals on small, steel platforms that would require a metal saw — and quite a bit of elbow grease — to remove.  

number three in blue box  Malware on Computers 

What is malware? Malware is software that runs in the background of your computer for a nefarious purpose.  For credit card theft, it’s to collect sensitive information such as your banking information and personal identification.

When this type of fraud is typically used:  Malware can be downloaded to your computer in three ways:  when you visit a site that contains the software, when you open an email attachment you don’t recognize, or using a public computer that already has malware on it (e.g. computers in libraries).

How to avoid being the victim of malware:  Make sure your computer has a software security package that detects malware, don’t enter sensitive information into public computers, and don’t open email attachments from senders you don’t know.

number four in blue box  Merchant Server Breaches

What is a merchant server breach? Merchant server breaches occur when the fraudster has successfully hacked a data system and collects credit card transaction information. While the hacker may not use your information after it’s been collected, they have access to your credit card information, putting it at risk.

How to avoid being the victim of a company server breach:  To prevent these breaches, most financial institutions have reissued credit cards with chip technology—which creates a unique transaction code that cannot be used again, making it more difficult for hackers to access your information.


American Eagle Credit Union offers a full line of financial services — including our VISA credit and debit cards with EMV chip technology.  To speak with us about our VISA credit card options and membership, call our Contact Center today at 1-877-325-2848, or send us an email.


This post was updated from our December 20th, 2016 article.  Read the original post here.

Thank you for your thoughts and comments on this blog topic. We welcome hearing from you. For your security, please do not to request transactions to your account in your comments. Additionally, do not include confidential information in your comments as this communication is not a secure channel for transmission.