U.S. Secret Service Details on How to Spot a Credit Card Skimmer

The U.S. Secret Service Washington Field Office (WFO) has issued an advisory on identifying credit card skimming devices, calling this form of financial theft a “low-risk, high-reward crime that is on the rise across the country.” 

Following the recent Operation Potomac, where law enforcement agencies recovered multiple skimming devices from businesses throughout the DC area, authorities emphasize consumer vigilance’s importance in protecting personal financial information.

Credit card skimming involves criminals installing illegal devices on ATMs, gas pumps, and merchant point-of-sale terminals to steal payment card data. These devices capture card information from the magnetic stripe, which criminals then encode onto counterfeit cards. 

According to Security Service estimates, EBT skimming alone costs financial institutions and consumers more than $1 billion annually, with each skimmer potentially facilitating approximately $300,000 in fraud.

Operation Potomac: A Coordinated Crackdown

During Operation Potomac, conducted January 29-30, 2025, the Secret Service partnered with Fairfax, Montgomery, Prince George’s, Prince William, and Arlington County Police Departments, and the D.C. Metropolitan Police Department to inspect 6,561 terminals at 879 businesses across the National Capital Region.

The operation recovered 27 skimming devices, preventing an estimated $7.2 million in potential fraud losses.

“Some of them are actually inside the terminals, so when you put your card in, it gets your information,” explained Washington Field Office Special Agent in Charge Matt McCool. 

“Some of them are placed on top of the terminals, and they look just like a normal terminal, but a little bit bulkier.”

How to Spot a Skimmer

The Secret Service has shared specific techniques consumers can use to identify potential skimming devices:

• Visual Inspection: Check for unusual attachments on card readers, including overlay devices or keypad coverings that might conceal cameras.
• Physical Check: Gently wiggle the card reader and keypad; loose components may indicate tampering or the presence of a skimmer.
• Alignment Verification: Ensure the card reader and keypad align properly with the machine, as misalignment often signals unauthorized modifications.
• Shape Assessment: Be alert for readers with a convex or bulkier profile than expected, as skimmers are frequently installed directly over legitimate hardware.
• Location Awareness: Exercise particular caution at ATMs and gas pumps, which are preferred targets for skimming operations due to lower surveillance and monitoring.

Technical analysis from security researchers indicates that the majority of skimmers (71%) use serial, SPI, or I2C communication protocols to download captured data. 

Modern detection technologies like the “Skim Reaper” utilize specialized measurement cards to detect the presence of additional read heads—a telltale sign of skimming equipment.

The Payment Card Industry Data Security Standard (PCI DSS) requires businesses to implement protections against card skimming under Requirement 9.9, which mandates that merchants “protect devices that capture payment card data via direct physical interaction with the card from tampering and substitution.”

Criminals particularly target Electronic Benefit Transfer (EBT) cards used by those who rely on government assistance. 

“They’re stealing money from people who need it badly to buy essentials to live, and what they’re doing with the money is they’re going out to buy lavish things,” McCool noted.

Consumers are encouraged to monitor financial statements regularly and report suspicious activity immediately. 

The Secret Service also recommends using contactless payment methods, as these transactions minimize physical interaction with potentially compromised terminals.

Are you from the SOC and DFIR Teams? – Analyse Malware Incidents & get live Access with ANY.RUN -> Start Now for Free.