Headlines and the attention of IT professionals have been dominated by Heartbleed recently, yet it's a news story out of Florida that reminds us of an all-too-common identity-theft threat that most of us face on a routine basis: credit-card skimmers.
From an Orlando Sun report:
Between Nov. 29 and April 3, the (Victoria's Secret clerk) hid the skimmer under her skirt at Orlando Premium Outlets and swiped customers' cards before running them through the cash register, according to court documents.
The woman, whose name is not revealed in court documents, was paid $500 whenever a felon named Alexander Sundeman Sanchez, downloaded card numbers from the device (once a week), records show.
"I forgot to tell u i really only want foreigners and tourists," Sanchez texted the woman, according to court documents.
Three details struck me: The targeting of victims less likely to contact law enforcement; $500 a week is plenty of temptation for a retail-store clerk with a criminal disposition; and the scam went undetected for months.
That's one clerk in one store. Now think of how many times you hand your card to a waiter or insert it into a gas pump or ATM that might also carry a skimmer.
And skimmers - even the fake ATM kind - are not hard for criminals to come by, according to security expert Brian Krebs.
The Secret Service's website has a description of the more popular skimmer scams and offers this advice for avoiding them:
- Ensure your credit card is swiped only once at a register.
- Conceal your PIN as you enter it into an ATM or credit card reader.
In other words, pay cash.
Welcome regulars and passersby. Here are a few more recent buzzblog items. And, if you’d like to receive Buzzblog via e-mail newsletter, here’s where to sign up. You can follow me on Twitter here and on Google+ here.
- 2014's 25 Geekiest 25th Anniversaries.
- Melissa virus turns 15 ... (age of the stripper still unknown).
- Snopes working overtime to debunk Flight 370 hoaxes.
- Journalists fall for phony "Facebook for Drunks" app.
- Teacher's online safety experiment takes trollish turn
- How Apple and Pepsi fumbled their 2004 Super Bowl ad.
- Electric car owner charged with "stealing' 5 cents worth of electricity.
- IBM blames ISPs for "offensive" Internet content ... back in 1994.
- Snowden used sys admin role to collect passwords.
- Eye-opening Morris worm turns 25.
- Do Twitter's active user numbers add up?
- Geek-Themed Meme of the Week Archive.
- Judge orders patent troll to explain ‘Mr. Sham’ to jury
- Did you know Google could do this? I didn’t.