Skimming for Beginners


This is actually a resource from 2009 that someone brought to my attention today. Skimming in this instance is nothing to do with separating milk, or speedreading, or even throwing stones across the lake. It's the not-so-gentle art of stealing credit (or debit) card data, normally in the course of a legitimate transaction.

A common example is where a waiter or shop assistant surreptitiously passes your card through a skimming device. And we frequently see stories of skimming devices or pinhole cameras illicitly installed on ATMs (Automatic Telling Machines) in order to steal both data from the card's magnetic strip and the four digit PIN used to authorize the transaction and validate the card user. Unfortunately, most people are going to have trouble identifying any but the crudest forms of such devices.

Regrettably, pretty much anything could happen to your credit card while it's out of your sight. However, the "ATM Card Skimming and PIN capturing Awareness Guide", while it can't cover every possible permutation of illicit additives to your friendly local ATM, does at least offer some guidance as to what to look for.

And if it only makes you think a little more carefully the next time you visit it, that's a Good Thing. And while you may not be able to spot changes made to an ATM you haven't used before, you might at least have more idea of what sort of suspicious objects to look for.

ESET Research Fellow

ESET Threatblog (TinyURL with preview enabled):
ESET Threatblog notifications on Twitter:;
ESET White Papers Page:

Securing Our eCity community initiative:

Also blogging at:

Author David Harley, ESET

Follow us

Copyright © 2017 ESET, All Rights Reserved.