Blake Dowling
Today’s cyberthreat landscape is an ever-changing minefield.
Emerging issues include hackers launching emails, texts, and phone calls, trying to pry your personal information (or dollars) out of your pockets.
And lest we forget … the skimming attacks taking place at gas stations all over the state.
This week, I had an opportunity to sit down with Secretary of State Laurel Lee. We started the cybersecurity conversation with card skimming, leading into elections and how much the game has changed in the past 10 years.
Over the past year, Lee and her team have been doing a fantastic job rewriting the playbook on cybersecurity in our state and specifically regarding elections.
Speaking of rewriting playbooks, I was discussing with our team the importance when working with a client to have “situational awareness” at all times, knowing your “down and distance” is crucial to getting a problem solved and simultaneously meeting expectations.
The days of break and fix IT are long gone.
The same approach applies to all things tech. If you are using technology in any way (unless you are on that show “Alaska Off the Grid.” Do you watch that? Outhouses?) there is a chance your information is at risk.
Back to skimming — you may have recently read about skimming at the gas pump. This is where hackers place a device over (or inside) a gas pump card reader; the device generally allows you to get gas like normal, but it also swipes your credit card info.
Once they have the card number, criminals can put it on some blank credit cards purchased on the dark web (or the normal web, as mentioned below) ready to cause havoc to your accounts.
According to the Florida Department of Agriculture and Consumer Service (via News4Jax) 94 skimmers were found in 2019 across the state.
Please note that these are just the ones they found.
Estimates range from 100s to even 1000s of skimmers might be in place at any given time.
“Every single skimmer is $1 million of fraud on a consumer,” said Florida Commissioner of Agriculture and Consumer Services Nikki Fried in the same column.
Those are some staggering stats.
Why does this keep happening? Because, like phishing, smishing, ransomware and all other hacks, people keep falling for it.
If the pump looks weird, don’t use it. Call the FDLE, notify the gas station’s manager, bring the fight to the hackers.
Also, do not use your debit card at the pump, it is much harder to get a refund from a PIN transaction than from a credit card.
Also, keep on the lookout for broken seals, keypads that look too big or don’t match the rest of the pump or a card reader that is shaky and doesn’t appear to be installed properly. These could all be signs of a skimmer.
Credit card skimming does not just happen at the gas pump; card numbers can be skimmed wirelessly by a device designed to do so.
Hackers just sit and anyone walking by without RFID blocking technology in place will be skimmed. Some recruit restaurants to join their skimming rings.
When a server takes your credit card for payment of the tab, all it takes is 5 seconds to run it through a skimming device and yank your info. Years ago, this scam was rampant in Europe, so they rolled out chip card technology and use of handheld devices, That way, your card never leaves your possession while you settle your tab at the table.
Another new one is the “let me clean your magnetic stripe for you.”
A clerk at a store would offer to clean your card before a purchase, saying something like “the card machine is having trouble today, so let me clean your card first so it works the first time.”
He or she then cleans your card all right, as well as cleaning your bank account shortly thereafter (pun alert).
Cyberthreats are becoming a blend of the new and old, and a combination of low- and high-tech. You would think that with unemployment at a 50+ year low people would be less likely to turn to crime, but the risk is low in many of these scams — and the payoff potentially big time.
Surely it must be hard to get blank credit cards and the other tools needed for this type of crime? As mentioned earlier you don’t even have to go to the dark web, they are available here.
You can hear from one such online hacker/skimmer here as he now works for the good guys after being busted.
What does this mean for you? Situational awareness must always be on Defcon 1, ready to identify someone trying to rip you off, in person or online.
Thank you to our leaders like Secretary Lee and all of those that make it a priority to keep us safe from these attacks.
___
Blake Dowling is CEO of Aegis Business Technologies. He can be reached at [email protected].
