You'd Never Spot This Razor-Thin ATM Skimmer

Illustration for article titled You'd Never Spot This Razor-Thin ATM Skimmer

The constant drive for miniaturization doesn't just apply to consumer electronics: the crooks are at it, too. And when it comes to card skimmers, this tiny thing is pretty much impossible to spot.

Krebs on Security has pictures of this new breed of card skimmer—the devices that lurk in a card slot to read your details—which was found in an ATM in southern Europe last week. The bank in whose machine it was found is currently remaining anonymous, releasing these images as a warning to us all. Close-up shots reveal that the thin sheet-metal device is powered by a cheap, tiny watch battery; on board is also a simple magnetic reader and a tiny storage device.

Illustration for article titled You'd Never Spot This Razor-Thin ATM Skimmer

It was almost certainly used in conjunction with a camera to record customer key presses, but a worker from the bank explained that they "didn't capture any hidden camera [because the criminals] probably took it. There were definitely no PIN pad [overlays]. In all skimming cases lately we see through the videos that fraudsters capture the PIN through [hidden] cameras."

These devices are getting so slim that it's now virtually impossible to tell whether an ATM has been hacked to glean you card details. The advice, as ever, remains the same: if anything ever looks even slightly suspicious at an ATM, don't use it. It's just annoying that spotting the problem is getting increasingly difficult. [Krebs on Security]

Share This Story

Get our newsletter



These days, I use a debit only card for all purchases where I'm using an ATM or handing the card off to someone else. I move money over ahead of time onto that card and then use that to do the ATM transaction, leaving a $0 balance. I happen to use a Google Wallet card (it's Google logoed but it's a Mastercard) but other, similar cards will do. Nice thing about the Google card is that I get notified on my phone every time it is scanned so I'll know immediately if it gets hacked or stolen. And, yes, my phone is passworded (with Cerberus taking a picture and notifiying me any time someone enters an unsuccessful password), my Google account uses 2-factor auth, plus Google Wallet itself has a PIN.