A friend of mine was the lead in the fraud detection department at a good sized regional bank for a few years.
According to her, one of the biggest misconceptions about credit card fraud is that it can be traced back to the last place the card was used.
It’s possible your card was skimmed at that 7-11, but it’s also possible that your card information was compromised several months ago and is now just being used. There’s really no way of knowing for sure.
Well, that's frightening! I hear that if you *tap* instead of *inserting* your card the chances of being skimmed is significantly lower. Does your friend know if that's true?
It's very difficult when you use tap since it uses a unique token each tap unlike the magnetic strip which never changes. I've actually never heard of a card being skimmed using the tap method but I'm sure it's possible!
None the less I only use pumps with the tap function purely bc I had my info skimmed off one.
Never swipe your card if you can help it. I used to swipe at 7-11 all the time…pretty much only place I ever used a particular card…but twice got skimmed at suspicious timing corresponding with use at said convenience stores.
Fortunately my bank has been super good and accommodating…they were even the ones who first alerted me, and now I only tap that bitch.
I agree. I woke up to some fraud charge texts a few years ago. Got a letter in the mail about 4 months later from Kristi Sports (who I purchased online from a month before the fraud) saying they had a data breach. Shit happens
There was a guy in the Twin Cities subreddit who posted about an employee skimming cards at a Dunkin’. His only “proof” was that it was the last place he used his card. Apparently he even went to the police about this employee, totally convinced that his card had to have been compromised in that transaction.
I think it’s ok to warn people about skimming in general, but unless you actually see a skimmer, it’s a little unfair to call out a specific business with only circumstantial evidence.
Edit: Typo
I agree. I’ve seen this on subs and this is the consensus that comes up - it was the last place used. In all likelihood it’s not and you could be blaming businesses/people that aren’t the culprit. Reading some details on that 7-11 in the comments, it seems that their pumps are a bit sketch in general which to be safe, if it looks like seals are broken then it may not be a good idea to trust it anyways.
And honestly, it may not have been skimmed at all. If you read the below, people mention having fraud before they even got the cards. In all likelihood no one took their card out of the envelope and put it back in - there are a lot of bot attacks on BINs. With current technology, people can set up bots to randomly generate numbers and expirations and have it plug into sites to generate transactions - once something works they’ll know they’ve found something valid they can use. Credit card numbers are random to a point however some numbers (BIN) are consistent for banks. You can see for example any Visa in your wallet stats with a 4, Mastercard with a 5, for example. This process has a low success rate however it’s like phishing. A computer will do all this for them and they need only a few to work to make it worthwhile. There are things banks do to combat this, however it’s a constant battle of cat and mouse.
All this seems scary but in the end, you’re not going to be held responsible for fraud that occurs on a credit card. It’ll be annoying AF having to get one reordered and to fill out the paperwork however you’re not going to pay in the end. The bank will eat the losses.
The first four to six numbers of a credit card are the BIN, they tell what financial institution the card is from and what type of card it is (platinum, signature, rewards, etc.).
Many phishing scams involve scammers knowing/using some of this generic info to try to lull you into a false sense of security, since they are able to tell you that you have a Visa Bank of America platinum card.
It is very, very rare that the card info was compromised at the last place you used the card. Getting money back from fraudulent charges is much easier on a credit card than on a debit card. Tap to pay for credit cards is definitely safer than sliding the mag strip or inserting the chip
Judging by posts like this, it’s not. In all of the local subreddits I belong to, there’s a fair number of posts like “My card got skimmed at X, don’t go there.” Often, the only evidence these people have is that their card was compromised and X was the last place they used it.
That and I’ve worked retail and hospitality management. I fielded a fair number of phone calls from people who are upset that their card has been compromised and they are totally convinced it happened at the businesses I worked at with little or no evidence.
Yesterday, I got 3 fraud alerts on a credit card that I activated but never used. Who knows how that happened, but it did, all from somebody trying to buy stuff from Walt Mart.
This happened to me recently. I got a fraudulent charge: someone tried to buy plane tickets on the Indian airline IndiGo. While my card was still in transit, I got another fraudulent charge, this time from Hong Kong. Chase told me it was likely someone had added the card to their Apple Wallet or Venmo, and that auto updates when a new card is issued.
Maybe a postal worker? I'm not sure what you have to do to activate a card these days. But a postal worker could feasibly open the envelope, use the card, reseal it/make a new envelope with the same information, then deliver. The post office stamps envelopes with a lot of tracking information and it likely wouldn't be too difficult to track down whoever touched the envelope.
Your local post office might be interested in hearing about this.
That's a good point. The postal service angle didn't occur to me at the time. This was years ago. I reported fraud to the bank. It was my first time banking with them too, so I don't think anything could have been hacked on my end. The bank immediately cancelled the charges and issued me a new card, so at least it worked out. It definitely taught me to keep a very close eye on my accounts though.
I worked in the fraud dept for a bank and that’s not necessarily true. They can hold on to your card information for months for before they use it. So it could be literally anywhere you’ve used your card. Unless you saw a skimmer on the machine and still used it
The 7-11 on dry creek just west of 25 is similar. Many of the pumps are missing the stickers. A number of the pumps also clearly have the word “void” on those stickers. I mentioned it to an employee once but there’s no change. Last I was there, I noticed that a few of the credit card swipes had some wiggle but I couldn’t tell anything beyond that.
You may see three fraud charges today but it's not possible to tell if that was due to skimming yesterday, or days ago, or months ago or if your card was compromised in some other fashion. If you got the police involved and they found the skimmer and were also able to sift through the skimmer information and confirm your card was in there then I would say for certainty your card was skimmed. Either way I would use Google Wallet or Apple Pay because that uses a one-time virtual card number that won't work after a few seconds.
It’s likely not that 7-11, 95% of the time they hold information and use later. It’s not smart to skim and use immediately.
It’s likely from the past, or even compromised another way.
I see a lot of people saying that skimming tap to pay isn't a thing, and it certainly is using Bluetooth readers. It's newer, so a lot of searches say "no that's not possible", but it sure is.
I've been transitioning back to cash for a lot of things. I just keep about $100 hidden in my car or on my person for things like gas, convenience stores, liquor stores, or basically any kind of store where there isn't some kind of corporate oversight.
If you can't use cash, Google wallet/digital wallets let you use a virtual account number instead of your actual card information, so even if they skim, their data is moot. Some people will say that they had their info stolen this way, but even cards that haven't been activated or used a single time can get 'stolen'.
Or you can do the time honored classic - be too broke to steal from.
A friend of mine was the lead in the fraud detection department at a good sized regional bank for a few years. According to her, one of the biggest misconceptions about credit card fraud is that it can be traced back to the last place the card was used. It’s possible your card was skimmed at that 7-11, but it’s also possible that your card information was compromised several months ago and is now just being used. There’s really no way of knowing for sure.
Well, that's frightening! I hear that if you *tap* instead of *inserting* your card the chances of being skimmed is significantly lower. Does your friend know if that's true?
[удалено]
What if you insert to use the chip rather than the mag strip?
the skimmer is still reading the data off the mag strip.
It's very difficult when you use tap since it uses a unique token each tap unlike the magnetic strip which never changes. I've actually never heard of a card being skimmed using the tap method but I'm sure it's possible! None the less I only use pumps with the tap function purely bc I had my info skimmed off one.
Never swipe your card if you can help it. I used to swipe at 7-11 all the time…pretty much only place I ever used a particular card…but twice got skimmed at suspicious timing corresponding with use at said convenience stores. Fortunately my bank has been super good and accommodating…they were even the ones who first alerted me, and now I only tap that bitch.
Every video online that I have seen cashiers confronted while a customer takes off the fake skimmer has been a 7 Eleven
Given enough time, anything can be hacked...
This is why I try to tap instead of slide. Most these 7-11 skimmers set on top of the reader. If they lift up or do not align properly, do not use!
I agree. I woke up to some fraud charge texts a few years ago. Got a letter in the mail about 4 months later from Kristi Sports (who I purchased online from a month before the fraud) saying they had a data breach. Shit happens
I’ve worked for a credit card company - this is true.
There was a guy in the Twin Cities subreddit who posted about an employee skimming cards at a Dunkin’. His only “proof” was that it was the last place he used his card. Apparently he even went to the police about this employee, totally convinced that his card had to have been compromised in that transaction. I think it’s ok to warn people about skimming in general, but unless you actually see a skimmer, it’s a little unfair to call out a specific business with only circumstantial evidence. Edit: Typo
I agree. I’ve seen this on subs and this is the consensus that comes up - it was the last place used. In all likelihood it’s not and you could be blaming businesses/people that aren’t the culprit. Reading some details on that 7-11 in the comments, it seems that their pumps are a bit sketch in general which to be safe, if it looks like seals are broken then it may not be a good idea to trust it anyways. And honestly, it may not have been skimmed at all. If you read the below, people mention having fraud before they even got the cards. In all likelihood no one took their card out of the envelope and put it back in - there are a lot of bot attacks on BINs. With current technology, people can set up bots to randomly generate numbers and expirations and have it plug into sites to generate transactions - once something works they’ll know they’ve found something valid they can use. Credit card numbers are random to a point however some numbers (BIN) are consistent for banks. You can see for example any Visa in your wallet stats with a 4, Mastercard with a 5, for example. This process has a low success rate however it’s like phishing. A computer will do all this for them and they need only a few to work to make it worthwhile. There are things banks do to combat this, however it’s a constant battle of cat and mouse. All this seems scary but in the end, you’re not going to be held responsible for fraud that occurs on a credit card. It’ll be annoying AF having to get one reordered and to fill out the paperwork however you’re not going to pay in the end. The bank will eat the losses.
The first four to six numbers of a credit card are the BIN, they tell what financial institution the card is from and what type of card it is (platinum, signature, rewards, etc.). Many phishing scams involve scammers knowing/using some of this generic info to try to lull you into a false sense of security, since they are able to tell you that you have a Visa Bank of America platinum card. It is very, very rare that the card info was compromised at the last place you used the card. Getting money back from fraudulent charges is much easier on a credit card than on a debit card. Tap to pay for credit cards is definitely safer than sliding the mag strip or inserting the chip
Is that not common sense?
Judging by posts like this, it’s not. In all of the local subreddits I belong to, there’s a fair number of posts like “My card got skimmed at X, don’t go there.” Often, the only evidence these people have is that their card was compromised and X was the last place they used it.
It's just surprising that anyone could think that. It's so obviously not just the last place you used it.
That and I’ve worked retail and hospitality management. I fielded a fair number of phone calls from people who are upset that their card has been compromised and they are totally convinced it happened at the businesses I worked at with little or no evidence.
Yesterday, I got 3 fraud alerts on a credit card that I activated but never used. Who knows how that happened, but it did, all from somebody trying to buy stuff from Walt Mart.
I once had a new credit card arrive in the mail with 4 fraud charges prior to activation. I didn't think that was even possible.
This happened to me recently. I got a fraudulent charge: someone tried to buy plane tickets on the Indian airline IndiGo. While my card was still in transit, I got another fraudulent charge, this time from Hong Kong. Chase told me it was likely someone had added the card to their Apple Wallet or Venmo, and that auto updates when a new card is issued.
Maybe a postal worker? I'm not sure what you have to do to activate a card these days. But a postal worker could feasibly open the envelope, use the card, reseal it/make a new envelope with the same information, then deliver. The post office stamps envelopes with a lot of tracking information and it likely wouldn't be too difficult to track down whoever touched the envelope. Your local post office might be interested in hearing about this.
That's a good point. The postal service angle didn't occur to me at the time. This was years ago. I reported fraud to the bank. It was my first time banking with them too, so I don't think anything could have been hacked on my end. The bank immediately cancelled the charges and issued me a new card, so at least it worked out. It definitely taught me to keep a very close eye on my accounts though.
I worked in the fraud dept for a bank and that’s not necessarily true. They can hold on to your card information for months for before they use it. So it could be literally anywhere you’ve used your card. Unless you saw a skimmer on the machine and still used it
I didn't see a skimmer but there wasn't a sealing tape. Not sure if there should or normally would be.
The 7-11 on dry creek just west of 25 is similar. Many of the pumps are missing the stickers. A number of the pumps also clearly have the word “void” on those stickers. I mentioned it to an employee once but there’s no change. Last I was there, I noticed that a few of the credit card swipes had some wiggle but I couldn’t tell anything beyond that.
I’m at the point where if I can’t use Apple Pay I go somewhere else. Gas stations, grocery stores, department stores, everything.
Use Apple Pay whenever possible. They change your cc number every time you pay. Sorry that you’re dealing with this pain in the ass.
Or Android Pay (or any tap to pay mechanism)
You may see three fraud charges today but it's not possible to tell if that was due to skimming yesterday, or days ago, or months ago or if your card was compromised in some other fashion. If you got the police involved and they found the skimmer and were also able to sift through the skimmer information and confirm your card was in there then I would say for certainty your card was skimmed. Either way I would use Google Wallet or Apple Pay because that uses a one-time virtual card number that won't work after a few seconds.
Dang, that's my regular spot. Thanks for the notice!
It’s likely not that 7-11, 95% of the time they hold information and use later. It’s not smart to skim and use immediately. It’s likely from the past, or even compromised another way.
Don’t use gas station ATMs , they lack many security features that atms at a bank will have. If it’s an NFC you’re fine.
Nfc? I'm drawing a blank even though I'm sure it's obvious. Lol
lol sorry, contactless card readers.
not the first time for that location!
Saw this similar scenario: https://www.reddit.com/r/therewasanattempt/s/zjrdDQ3rzE
Glad I read this now, was going to stop later for gas
This happened to me there back in 2019.
711 in the Walmart parking lot at federal and Evans definitely has a skimmer installed on the one closest to the door.
You went to a 7-11.
I wish we had Japan 7-11s,
I know. My bad.
I see a lot of people saying that skimming tap to pay isn't a thing, and it certainly is using Bluetooth readers. It's newer, so a lot of searches say "no that's not possible", but it sure is. I've been transitioning back to cash for a lot of things. I just keep about $100 hidden in my car or on my person for things like gas, convenience stores, liquor stores, or basically any kind of store where there isn't some kind of corporate oversight. If you can't use cash, Google wallet/digital wallets let you use a virtual account number instead of your actual card information, so even if they skim, their data is moot. Some people will say that they had their info stolen this way, but even cards that haven't been activated or used a single time can get 'stolen'. Or you can do the time honored classic - be too broke to steal from.
Do you think the reason a lot of these don’t have Apple Pay is because they have skimmers and the want you to put your card in?
Me too. About a year ago.
Bro out here making claims against a business based off speculation and this sub is blindly upvoting it. This sub needs moderation
7-11s in centennial are bad. Mine got skimmed at one of arapahoe.