Look Before You Pump! Don’t Get Skimmed at the Gas Station

Gas-pump skimming is an old crime making a comeback, and your card may be at risk. Since skimmer devices are almost invisible, they can be difficult to spot. And Bluetooth technology lets the scammer remotely obtain the info it collects from as far as 100 yards away.

While EMV-enabled cards are more commonplace, gas stations have until 2020 to update their systems, making them vulnerable. Protect yourself against this hack by learning about card skimmers. 

How it works 

Hackers usually outfit the pump farthest from the convenience store with their skimmer. This way, they are out of the range of any security cameras at the shop’s entrance. The hacker places a skimming device on top of the pump’s card reader or inside the pump itself, and then leaves the area. 

Choose your payment method wisely 

You may seek extra protection by using a credit card or cash to pay at the pump. A credit card lets you easily dispute fraudulent charges. And, depending upon your financial institution, a debit card may not have much purchase protection.

The safest payment method might be cash, but remember that it cannot be replaced if lost or stolen.

How to spot a skimmer

If you don’t like the idea of using cash, you can still protect yourself by being on the lookout for skimmers. If something looks suspicious, don’t use that pump! 

4 ways to spot a skimmer: 

  1. Use your eyes. Do numbers on the PIN pad look newer or bigger than the rest of the machine? Does anything look like it doesn’t belong? Is the fuel pump’s seal broken?
  2. Check the tape. Many gas stations place serial-numbered security tape across the dispenser to protect their pumps. If the tape has been broken, or there’s no tape on the dispenser at all, it’s likely been compromised.
  3. Use your fingers. Feel the card reader before sliding your debit card into the slot. Do the keys feel raised? Is it difficult to insert your card?
  4. Use your phone. There are several free skimming apps, like Skimmer Scanner, that can scan a card reader for a skimming device and alert you if one is found. You can also check your phone’s Bluetooth for any strange letters or numbers appearing under “other devices.”

General card safety 

It’s always a good idea to practice general safety when using a card to pay at the pump. Choose the pump closest to the store and always cover the number pad with your hand when inputting your PIN. It’s also a good idea to periodically check your account statements for suspicious charges. 

Your Turn: How do you pay at the pump? Why do you choose this method?






Share Button

Be Fraud Smart: Online Fraud is Up!

Online fraud is up, but UCCU can help you be up to the task.

In today’s digital world, managing your life and finances is often as simple as clicking a few buttons on your laptop or smartphone. Unfortunately, it’s often almost just as easy for fraudsters to steal your identity and abuse your finances.

In fact, a recent study showed that fraud and identity theft are on the rise, up 16% from 2016 and costing consumers $16 billion dollars. Additionally, 2017 also set a new record for data breaches, with 1,339 financial cases on record.

Although no one is fully immune to the realities of fraud and identity theft, there are many things you can do to protect your family and UCCU can help!

Be Fraud Smart is a free, online resource that can keep your entire family informed about current scams, best practices to avoid fraud, and what you should do if you’ve fallen victim.

It’s all at uccu.com/BeFraudSmart right now.

In the meantime, here are a few steps you can take right now to protect your family and Be Fraud Smart.


The days of using “1234” or “password” as your password are over.

Each and every account you have should be protected by a unique password. An easy way to ensure that your passwords are safe and secure is by using a password manager smartphone app, which will generate unique and complex passwords, on demand, for all of your services and accounts while keeping your passwords safe and organized within the app’s secure vault.

Popular password manager apps include 1Password, Dashlane, mSecure, and LastPass. A popular password manager is also available within the Safari web browser.


Most operating systems and smartphone applications alert you when updates need to be applied but some devices, like network (WiFi) routers, require you to check for updates to firmware without being alerted.

In some cases, older devices should be replaced. For example, older smartphones can easily fall into a “no longer supported” category, which means necessary security patches and updates are no longer being developed. Check with your phone manufacturer for more details.


All of your personal computers should be running Windows 10 (if not, you should upgrade) and firewalls should be turned on. Additionally, Macintosh computers have become more of a target for viruses and malware than in the past.


Log in to your accounts frequently to monitor account transaction details. If you have transaction accounts at different institutions, you can use UCCU’s 360-View Financial Aggregation which allows you to monitor and manage all your accounts with a single login.


A credit freeze will prevent potential lenders from accessing your credit report (often for a price), stopping a thief from opening an account or getting credit, even if they have your personal information.


If you believe you are an identity theft victim or are at risk of becoming one, you can place a fraud alert on your credit report alerting potential lenders to verify the identity of anyone attempting to open an account in your name.


Monitoring services watch for signs that an identity thief may be using your personal information. For example, identity monitoring services may alert you when your personal information shows up in:

  • Change of address requests
  • Court or arrest records
  • Orders for new utility, cable, or wireless services
  • Payday loan applications
  • Check cashing requests
  • Social media
  • Websites that identity thieves use to trade stolen information


Most of us are so happy to find free WiFi when we’re out and about that we click past the Terms and Conditions without giving them much thought. But here’s something that should give us all pause: personal information that is sent or received through open wireless networks are typically susceptible to hacking with little to no effort.

Putting it another way: over 85% of all consumers may be putting their information at risk when using public WiFi. Be very careful when using any Free WiFi and always avoid sending any personal information over an open network.


It’s one of the oldest scams in the book because it works. Every year, trusting people send money to fraudsters for all kinds of phony reasons. It’s easy to believe it won’t happen to you and yet, millions of dollars are continuously lost to unsuspecting victims, simply because they believed they were doing the right thing by sending money to the wrong people.

So just don’t do it. Never, ever wire money to a stranger, even when that stranger claims to be acting in your best interests and especially when they use scare tactics to get you to pay up right now.


“Phishing” is the practice of pretending to be a reputable company or organization in order to convince you to reveal passwords, credit card numbers, social security number, or other compromising information. And fraudsters love to go phishing.

The fact is, no reputable company or organization is going to contact you
and request or demand your personal information (such as credit card or social security numbers). If you receive a call and you’re not sure if it’s legitimate, simply hang up and call the company or organization back directly…after looking up and confirming the correct number on your own.


If you don’t know who the email is from, don’t open a hyperlink or attachment.
No reputable organization is going to contact you and ask you for your personal information–even if it looks like it’s from your bank or other financial organization.


When shopping online, it’s best to stick with retailers and websites you know and trust. Before you shop with an unfamiliar site, do your research. Make sure it’s reputable prior to providing personal information.

If you install antivirus, firewall or spyware protection, be sure to turn the Auto-Update feature on so your software is always up to date against the most current threats.


As fraudsters continue to create innovative and devious ways to steal our information, it’s up to each of us to keep ourselves safe. Just remember the old adage: knowledge is power.

Visit uccu.com/BeFraudSmart today.

Travis Clegg
UCCU Fraud Expert

Travis Clegg is a Certified Fraud Examiner who has dedicated over 23 years to protecting UCCU members from fraudters and leads a team of fraud protection experts that help members avoid and recover from fraud.

As a thought leader in fraud protection, Travis provides timely insights about how to protect yourself from current scams, so make it a habit to visit uccu.com/BeFraudSmart often to stay informed and up-to-date on all the latest fraud tactics.

Share Button