3 Updates on At-the-Pump Scams

Jackson Lewis, Associate Editor

CHICAGO -- Skimming, the practice of attaching counterfeit card readers to gasoline pumps and ATMs, is still a prevalent issue in American gas stations. And with the holidays in full swing, skimmers and other scammers are sure to be out taking advantage of unsuspecting travelers.

NACS has resources for retailers and consumers to protect themselves from skimming attacks.

NACS says consumers should be encouraged to use a personal identification number (PIN) in their transaction whenever possible, as it reduces the risk of compromise. Consumers should also be careful to use ATMs and gas pumps that are visible and well-lit, and to place reasonable limits on their daily or weekly ATM withdrawals.

For retailers, there is a wealth of tools, including the WeCare decals that mark when a pump has been tampered with, and the SkimDefend app from Arlington, Texas-based Pinnacle, which helps streamline the process of checking to see if a skimming device has been installed onto a pump.

Click through for three updates on skimming and other at-the-pump scams hitting American fuel retailers now …

1. Pennsylvania goes to the source

Pennsylvania State Rep. Kristin Hill has authored legislation that would make it illegal to possess devices that can be used for skimming, according to The Herald, a newspaper based in Mercer County, Pa. Currently, there is no state law against owning the devices unless they are caught in use.

Because of the way the law is structured, police officers who stop a car and find any skimming devices do not have the ability to charge the driver for carrying them. Hill’s legislation would make carrying such a device a felony in Pennsylvania, even if the devices haven’t been used to steal anything.

The State House of Representatives approved the bill in early December. It now goes to the Senate for consideration.

2. Bluetooth ache

Local news station WTOP reported that hackers around the Washington, D.C., area are using Bluetooth to trick drivers into giving them access to their mobile phones.

These bad actors look for drivers distracted by filling up their tanks and ping their phone to join a new network. The hackers give their fake network a simple name like iPhone, hoping those distracted at the pump will join the network without thinking anything of it.

Once victims join the network on their phones, the hackers have access to their personal information.

3. Michigan fights back

Trucker publication Land Line Magazine reported that the Michigan state government recently passed legislation requiring fuel stations to put one or more of the following protections in place against skimmers:

  • Tamper-proof security tape over the panel opening leading to the scanning device.
  • Encryption of payment card information.
  • A device or system to make the pump or scanning device inoperable if the panel is opened without proper authorization.
  • A device to replace a manufacturer-supplied standard lock.
  • Any other measure approved by the Michigan Department of Agriculture and Rural Development.

Michigan police also suggest that consumers pull firmly on card readers before inserting their card, as this is an effective way to determine if a pump has been tampered with.

The new law takes effect Feb. 19, 2018.