Few schemes for monetizing stolen credit cards are as bold as the fuel theft scam: Crooks embed skimming devices inside fuel station pumps to steal credit card data from customers. Thieves then clone the cards and use them to steal hundreds of gallons of gas at multiple filling stations. The gas is pumped into hollowed-out trucks and vans, which ferry the fuel to a giant tanker truck. The criminals then sell and deliver the gas at cut rate prices to shady and complicit fuel station owners.
Agent Steve Scarince of the U.S. Secret Service heads up a task force in Los Angeles that since 2009 has been combating fuel theft and fuel pump skimming rings. Scarince said the crooks who plant the skimmers and steal the cards from fuel stations usually are separate criminal groups from those who use the cards to steal and resell gas.
“Generally the way it works is the skimmer will sell the cards to a fuel theft cell or ring,” he said. “The head of the ring or the number two guy will go purchase the credit cards and bring them back to the drivers. More often than not, the drivers don’t know a whole lot about the business. They just show up for work, the boss hands them 25 cards and says, ‘Make the most of it, and bring me back the cards that don’t work.’ And the leader of the ring will go back to the card skimmer and say, ‘Okay out of 100 of those you sold me, 50 of them didn’t work.'”
Scarince said the skimmer gangs will gain access to the inside of the fuel pumps either secretly or by bribing station attendants. Once inside the pumps, the thieves hook up their skimmer to the gas pump’s card reader and PIN pad. The devices also are connected to the pump’s electric power — so they don’t need batteries and can operate indefinitely.
Most internal, modern pump skimmers are built to record the card data on a storage device that can transmit the data wirelessly via Bluetooth technology. This way, thieves can drive up with a laptop and fill their tank in the time it takes to suck down the card data that’s been freshly stolen since their last visit.
The Secret Service task force in Los Angels has even found pump skimming devices that send the stolen card data via SMS/text message to the thieves, meaning the crooks don’t ever have to return to the scene of the crime and can receive the stolen cards and PINs anywhere in the world that has mobile phone service.
MOBILE BOMBS
Scarince said the fuel theft gangs use vans and trucks crudely modified and retrofitted with huge metal and/or plastic “bladders” capable of holding between 250 and 500 gallons of fuel.
“The fuel theft groups will drive a bladder truck from gas station to gas station, using counterfeit cards to fill up the bladder,” he said. “Then they’ll drive back to their compound and pump the fuel into a 4,000 or 5,000 [gallon] container truck.”
The fuel will be delivered to gas station owners with whom the fuel theft ring has previously brokered with on the price per gallon. And it’s always a cash transaction.
“The stations know they’re buying stolen gas,” Scarince said. “They’re fully aware the fuel is not coming from a legitimate source. There’s never any paperwork with the fuel driver, and these transactions are missing all the elements of a normal, legitimate transaction between what would be a refinery and a gas station.”
Needless to say, the bladder trucks aren’t exactly road-worthy when they’re filled to the brim with stolen and highly flammable fuel. From time to time, one of the dimmer bladder truck drivers will temporarily forget his cargo and light up a smoke.
“Two or three summers ago we had this one guy who I guess was just jonesing for a cigarette,” Scarince said. “He lit up and that was the last thing he did.”
Other bladder trucks have spontaneously burst into flames at filling stations while thieves pumped stolen gas.
“There have been other fires that took place during the transfer of fuel, where some static sparked and the whole place caught on fire,” Scarince said. “These vehicles are not road-worthy by any means. Some of the bladder tanks are poorly made, they leak. The trucks are often overweight and can’t handle the load. We see things like transmissions giving out, chassis going out. These things are real hazards just waiting to happen.”
How big are the fuel theft operations in and around Los Angeles? Scarince estimates that at any given time there are 20 to 30 of these deadly bladder trucks trundling down L.A. freeways and side streets.
“And that’s a very conservative guess, just based on what the credit card companies report,” he said.
Aaron Turner, vice president of identity service products at Verifone — a major manufacturer of credit card terminals — leads a team that has been studying many of the skimming devices that the Secret Service has retrieved from compromised filling stations. Turner says there is a huge potential for safety-related issues when it comes to skimmers in a gas-pump environment.
“Every piece of equipment that is installed by gas station owners in the pump area is approved by reviewed and approved according to industry standards, but these skimmers…not so much,” Turner said. “One of the skimmers that we retrieved was sparking and arcing when we powered it up in our lab. I think it’s safe to say that skimmer manufacturers are not getting UL certifications for their gear.”
COUNTERING FUEL FRAUD
With some fuel theft gangs stealing more than $10 million per year, Scarince said financial institutions and credit card issuers have responded with a range of tactics to detect and stop suspicious fuel station transactions.
“A lot more card issuers and merchant processors are really pushing hard on velocity checks,” Scarince said, referring to a fraud detection technique that reviews transactions for repeating patterns within a brief period. “If you buy gas in Washington, D.C. and then 30 minutes gas later gas is being purchased on opposite side of the city in a short period of time. Those are things that are going to start triggering questions about the card. So, more checks like that are being tested and deployed, and banks are getting better at detecting this activity.”
Card issuers also can impose their own artificial spending limits on fuel purchases. Visa, for example, caps fuel purchases at $125. But thieves often learn to work just under those limits.
“The more intelligent crooks will use only a few cards per station, which keeps them a lower profile,” Scarince said. “They’ll come in a swipe two to three cards and fill up 40-80 gallons and move on down the road to another station. They definitely also have what we determine to be routes. Monday they’ll drive one direction, and Tuesday they’ll go the other way, just to make sure they don’t hit the same stations one day after another.”
Newer credit and debit cards with embedded chip technology should make the cards more costly and difficult to counterfeit. However, the chip cards still have the card data encoded in plain text on the card’s magnetic strip, and most fuel stations won’t have chip-enabled readers for several years to come.
On Oct. 1, 2015, Visa and MasterCard put in force new rules that can penalize merchants who do not yet have chip-enabled terminals. Under the new rules, merchants that don’t have the technology to accept chip cards will assume full liability for the cost of fraud from purchases in which the customer presented a chip-enabled card.
But those rules don’t apply to fuel stations in the United States until October 2017, and a great many stations won’t meet that deadline, said Verifone’s Turner.
“The petroleum stations and the trade organizations that represent them have been fairly public in their statements that they don’t feel they’re going to hit the 2017 dates,” Turner said. “If you look at the cost of replacing these dispensers and the number of systems that have been touched by qualified, licensed technicians…most of the stations are saying that even if they start this process now they’re going to struggle to meet that October 2017 date.”
Turner said that as chip card readers take hold in more retail establishments, card thieves will begin targeting fuel stations more intensively and systematically.
“We’re moving into this really interesting point of time when I think the criminals are going to focus on the approaches that offer them the greatest return on their investment,” Turner said. “In the future, I think there will be a liability shift specifically for petroleum stations [because] the amount of mag-stripe-facilitated fraud that will happen in that market is going to increase significantly along with chip card deployment.”
Part of the reason Los Angeles is such a hotbed of skimming activity may be related to ethnic Armenian organized crime members that have invested heavily in fuel theft schemes. Last month, the Justice Department announced charges against eight such men accused of planting skimmers in pumps throughout Southern California and Nevada.
Scarince and Turner say there is a great deal of room for the geographic spread of fuel theft scams. Although the bulk of fuel theft activity in the United States is centered around Los Angeles, the organized nature of the crime is slowly spreading to other cities.
“We are seeing pump skimming now shoot across the country,” Scarince said. “Los Angeles is still definitely ground zero, but Florida is now getting hit hard, as are Houston and parts of the midwest. Technology we first saw a couple of years ago in LA we’re now seeing show up in other locations across the country. They’re starting to pick on markets that are probably less aware of what’s going on as far as skimming goes and don’t secure their pumps as well as most stations do here.”
WHAT CAN YOU DO?
Avoid sketchy-looking stations and those that haven’t started using tamper-evident seals on their pumps.
“The fuel theft gangs certainly scout out the stations beforehand, looking for stations that haven’t upgraded their pump locks and haven’t started using tamper seals,” Scarince said. “If some franchised station decided not to spend the money to upgrade their systems with these security precautions, they’re going to be targeted.”
Scarince says he also tends to use pumps that are closest to the attendants.
“Those are less likely to have skimmers in or on them than street-side pumps,” he said.
Consumers should remember that they’re not liable for fraudulent charges on their credit or debit cards, but they still have to report the phony transactions. There is no substitute for keeping a close eye on your card statements. Also, use credit cards instead of debit cards at the pump; having your checking account emptied of cash while your bank sorts out the situation can be a huge hassle and create secondary problems (bounced checks, for instance).
Is this a USA problem only?
No, I knwo for a facts its a pronblem in the UK – same methods. So like any financially motivated crime this is simple to replicate suggest its a global problem.
UK have chip and pin .You cant just swipe a card at the pump like they do in US in UK u have to enter the pin .
PINs are commonly captured by U.S. skimmers, especially for debit cards (that plus the magstripe will get you cash at the ATM with your fake card); I wouldn’t be surprised if UK skimmers do it too. In fact, I understand some chip-and-PIN countries saw major increases in PIN-related fraud for that very reason; that’s supposedly one of the reasons why most U.S. issuers chose *NOT* to require PINs with EMV chips. Another reason to avoid using debit cards at the pump.
The pin isn’t the only security measure. EMV cards are not magnetic strip + pin, they’re chip + pin. These type of skimmers would be useless on an EMV card, as it doesn’t (can’t) replicate the chip.
If you captured the magnetic strip + pin of an EMV card, you still couldn’t use it in most of the European area. You could use it in the USA though.
PIN? We don’t need no stinkeen PIN!
Actually we do, but we have chip-and-signature and many times, not even the signature.
Jonathan @NC3mobi
PS: If you’re too young to remember The Treasure of Sierra Madre from 1948 watch this short clip: https://www.youtube.com/watch?v=VqomZQMZQCQ
Taking Chris M’s point one step further: the really problematic scenario is using a PIN+chip card and entering your PIN when the magnetic strip is also swiped.
A properly designed EMV terminal allows the card to inserted less than half way just to provide access to the contacts in the chip. It also has a separate magnetic swipe slot on the side so foreigners without chips (i.e. Americans) can still use their old-style magnetic cards.
Huge problem in Mexico. In many cases the station personnel and local police are in on the deal.
Mexican police in on a crooked deal?
From personal experience I can say I am not surprised at all.
Here in Canada basically every pay-at-the-pump terminal is chip enabled. The card reader basically locks your card in the reader while you’re put your PIN in. Then once it’s verified the PIN, it releases the card.
Lots of stations won’t accept non-chip cards at the pump, not that we have many of those floating around anymore.
It blows my mind that the US is so far behind even backwards Canada on stuff like this.
Use cash.
Yes, because cash is never stolen.
LOL… cash is stolen ONCE… since when does cash get used multiple times and then shared across the network to be used yet again?!?
Of course, when the cash gets stolen, sometimes it involves an additional transaction that involves either a hospital or a morgue (or both). Meanwhile, while the cash carrying individual has lost both cash and possibly his life, the credit theft comes with a $0 liability, provided you keep on top of your transactions. And you don’t get to visit a hospital.
It depends on where you travel. Where I am, muggings and robberies are virtually non-existent. Pickpockets might be present in some crowded areas, but from what I hear, even that isn’t very common.
But having your credit card number stolen opens you up to the possibility of identity theft, which is far more of a pain to deal with. The “monitoring service” that they offer you is really just an inexpensive placebo that they give you to make it seem like you are covered.
I am perfectly fine with paying cash for fuel if that is what it comes to. It could be a nuisance sometimes, for sure. I would far prefer them to have some more secure payment options at the pump.
I’m not sure I follow your concern about identity theft coming about from a credit card being compromised at the terminal. I can see where having your wallet stolen/pick pocketed, where your ID and other PII documents might be contained, could easily lead to identity theft. But I can’t think of a way that the data on your credit card being compromised could easily lead to identity theft.
The personally identifying information on your credit card is your name, and that’s about it for card present transactions. For internet charges it’s a different ball game.
Clearly the security conscious individual carries nothing but cash. Reams and reams and reams of cash. And when they get pickpocketed, why, they just amble down to their friendly neighborhood bank and somehow manage to withdraw replacement funds without any identification whatsoever.
Sorry SeymourB, you’re coming off as a shill for the credit card companies and banks.
In general, one doesn’t have to carry a large amount of cash for daily transactions. Getting robbed of $40 or $60 isn’t going to hurt most people as much as getting robbed of the contents of their bank accounts. Frankly, here in the US, strong arm and armed robbery is fairly rare. Fraud however is not.
Your arguments are correct for a lawless and dangerous locations. For most people, at least here in the US, they are just plain wrong.
-> . (the point)
-> * (you)
No offense, but that’s short sighted. When cash is stolen from you, it’s often impossible to get back. When a credit card is used by someone else, you can dispute and not be held liable at all. I’ve personally suffered both myself, and the payment card experience was far less of a problem because I eventually got every cent of it back.
Frankly, even with all the skimming and POS problems – many of which Brian has written up elsewhere on this site – I’d still rather use plastic. I’ve discovered that I’m better protected that way.
Excellent write-ups, as usual. What I’m wondering is of the risks associated with skimming installation outweigh buying track1&2 + zip online. Cards are sold by zip, seems like that would be less risky, even if it eroded profitability…
In the EU, most states have had pretty much universal chip and pin for several years. We do still get some cases, both hidden cameras and compromised terminals, but I suspect it’s not as common as in the US.
“crispycritters.png” all of my lols.
I work in the Point-of-Sale industry in the US for the hospitality (fast-food/restaurant) industry. None of our customers are using chip-and-pin yet and probably won’t be until middle of 2016. It’s easier to do in Europe and other countries because their footprint is bigger, some with 12 or more POS terminals and then you have the sites with drive thrus that must be able to hand a terminal out to the customer to use. Bluetooth or Wifi are options, but could become cumbersome too. I see it going a couple of ways here in the US….
1. People adopt the mobile pay apps such as Apple or Android Pay or Google Wallet and use the Near-Field Communication of their phone to tap and pay.
2. People go back to using cash for more transactions.
I personally feel option 1 is the most likely to happen. Chip and Pin will still be there as an option, but I think it’s going to get surpassed by the mobile pay apps. Only time will tell here in the US>
It depends on the demographic of your customers. If many of your customers don’t have a smartphone, then #1 is irrelevant, and cash becomes the way to deal with it. Either that or park and come into the restaurant and pick up the food the old fashioned way.
You bring up valid points. It could go several ways. I just think EMV will get passed up. Only time will tell. With the way the mobile industry is going with pay-to-talk, etc. it’s hard to say that smartphones won’t be around in even the lowest demographic. I know not everyone may have them, but I would say the majority or at least half of customers that might visit most restaurants at least once a month would have a smartphone capable of using the payment apps. It’s just a matter of the customer being aware enough to use them As well as the restaurant being aware enough as well to have it enabled. It will be interesting to see what happens in the next 5-10 years and beyond.
“Tamper evident seals” have been counterfeited. See one recent indictment United States v. Anthony Nunovero and Edelso Sanchez (Case No. 15-20884-CR-Huck) on
http://nc3.mobi/references/2005-skimmers/#20151119
Jonathan @NC3mobi
These type of articles rarely mention the type of skimmers that are placed on the card reader itself. As the fuel retailers upgrade their payment terminals, this type if skimming will increase dramatically.
I think that the upgrades to chip-enabled terminals will eliminate this, not increase it.
EMV cards still have a magnetic stripe on the back. A skimmer merely needs to read the mag stripe while it is being inserted into the reader.
Now imagine you happen to have an EMV Chip + PIN as cardholder verification method. Skimmer has now captured the Track 2 mag stripe data and not a stretch to pick off the PIN by any number of methods. Suddenly your “safe” Chip + PIN card has drained your bank account or credit line and the issuer will push back by saying you used your PIN.
I have had a chip+pin card for a few years now. Only one end of the magstripe ever enters the machine so only about 25% could be scanned.
On the other hand if a skimmer could cause the chip reading to fail the reader falls back to manual swipe at which point the problem arises again.
“EMV cards still have a magnetic stripe on the back. A skimmer merely needs to read the mag stripe while it is being inserted into the reader.”
true, but to cash out the data needs to be shipped to some third-world country (in the banking sense) that still uses magstripes.
so for the card owner it is easy to proove that the card was skimmed.
btw the whole card security business is unfortunately more about shifting liability, then it is about true security
In some European country’s (like the Netherlands) only EMV chips are used on the cards. There is a magstripe on the card but the information on the stripe and on de chip are different. Cards are “dipped`’ but not swiped so the magstripe can not be read completely. Also….a (default) setting on the account is that the stripe is blocked for use (we don’t need that using the chip). One needs to adjust ( for a certain period) that setting when going to a non European country where one needs to use the stripe. (Geo-blocking) Since the terminals ( in NL) are adjusted / replaced and banks changed to EMV and GEO-blocking skimming is no longer a problem in the Netherlands. (as long as the security of the EMV is kept up to date…)
Thank you for the in-depth look at the entire thread. I travel during the winter months, and recently I noticed am indie gas station that had lower prices than all the others. I worried that maybe they somehow diluted the gas to make up the savings, but went there anyway. After reading your article, I am guessing they were actually a buyer of gas stolen in the way your article describes.
My father owned a small, local, propane delivery service which serviced mainly residential clients, but also provided gas for space heaters at construction sites. I can imagine that the thieves go to a similar gasoline delivery business and cut a deal. I’m glad my father has been dead a long time. I would hate to imagine him being approached by such people. But no doubt it is regular small business people just like my dad who are dealing with this today. Frightening, as the consequences if caught almost certainly mean a loss of the ability to operate, since fuel services are a highly regulated industry.
Where are Ponch and Baker when you need them?!
http://m.imdb.com/title/tt0534470/
Ah, CHiPs.
Fun times.
Thanks for the ride down memory lane.
“Skimmer manufacturers without UL certifications” made my day.
What reason is there for the station attendant to have access to the key that can open the pump? Should this not be something kept locked away by the station manager? For a chain of stations, is there any reason to even have the key on-premises?
I would be surprised if the thieves gain access via a key. Either pick the lock or have a suitable bump key on hand. They already have a customized circuit on hand that works with that particular pump, bypassing a physical lock at that point is trivial.
The attendant still needs to be complicit, otherwise they’d call the police the minute the thief cracked open a pump. I imagine an alarm sounds inside the booth that the attendant can silence (considering how many less important things alarm in the booth it’s just logical).
Key? What key? Most states require gas pumps have a universal key. Supposedly so in case of a fire the emergency responders (who all have a key) can open the pump, plus it’s easier for inspectors and maintenance. The unintended consequence makes access by criminals is easy.
In several stations I’ve talked with, the clerks take a manual reading on the pumps; at set times or at shift changes. My interest started when I went to fill up and then noticed the pump door wasn’t latched. The clerk was sure it was latched as she had closed them all at shift change reading.
What would be helpful IMO is for Brian Krebs to outline how best to detect skimmers, and what he thinks best to deter or even prevent this type skimming.
What about security cameras?
How hard is it to connect a purchases with faces/licence numbers?
I’m surprised nobody has come up with the idea to capture license plates in real-time and share that database with gas stations. If a vehicle shows up more than once every other day they’re flagged, especially if they use a different card each time. I remember when I worked at Target in the 80’s that they had a system that matched every purchase with the customer’s name and credit card number. There has to be something that could do that as well – have you seen the police cars with the scanners on each corner of the roof? Those are license plate scanners which can read them at high-speed while driving down the road and/or through parking lots looking for people with warrants or outstanding “legal” issues. It’s certainly better than hoping your gas station attendant doesn’t open the pump door for the bad guy (since they have to replace the receipt tape and it’s all within the same compartment).
The part I like the most on the story is the way the GAS is moved and resold …. these guys must love the MAdMAx movies … Imagine the future
Brian you see this or have any information on it? http://m.gulfnews.com/xpress/dubai/courts-crime/hacker-holds-uae-bank-to-ransom-demands-3m-1.1626394
I’m surprised they can make much from this now that the price is so low – hardly seems worth all that effort! They’d be better off stealing copper, although that market dropped recently too!
Practice for when the price of gas gets jacked back up to $4/gallon for “the summer driving season”, or a “shortage” due to “refinery conversion”, or “anxiety in the middle east” or ……
Jonathan @NC3mobi
Since the skimmers and their customers operate separately from each other, there ostensibly is a single interface, where the bladder boys buy hot card numbers from skimmers.
There is, however, a potential second interface, where a bogus card used by the bladder boys is (re-)skimmed as its being used.
I wonder how often that happens.
It would seem that of banks are using velocity checks, douchy a double skim would be quickly identified and inactivated.
Given the size and profitability of the oil companies, I am amazed that they claim to be incapable of meeting the oct 2015 deadline that other merchants had to meet in order to avoid the liability shift from card networks to merchants. I am even more amazed that they have been granted a special exemption from meeting the deadline (presumably with no or reduced liability shift.)
In order to accomplish that, the fuel companies must have enormous leverage over the payments industry (specifically the card networks.)
If my assumption is correct, and that big oil continues to enjoy non liability for 2 years more than other merchants, there is very little incentive for big oil to try and capture skimmers because they can sell incrementally more fuel without incrementally more risk (fortunately for the card networks, the market demand for fuel is relatively inelastic.)
The gas stations aren’t required to meet the October 2015 deadline, and the restaurant/retail merchants aren’t required to meet the deadline either. That’s just when the liability shift happened, it is NOT a mandate/law/rule. The merchants do NOT have to meet it at all. They just take on the risk if they do not.
Retail/hospitality had theirs on October 1, 2015.
ATM’s are October 1, 2016
Gas stations are October 1, 2017.
But, again, it is NOT required to meet the deadline. They just assume the risk if any problems arise from fraudulent cards used at their locations. The banks/card issuers will no longer accept the risk IF the cards are chip & pin cards. IF the cards are not and there’s a problem, the banks/card issuers are still liable because they are the least EMV-capable.
http://www.emv-connection.com/downloads/2015/05/EMF-Liability-Shift-Document-FINAL5-052715.pdf
Brian, the vehicle pictured is not a large van, it’s the Ford Excursion, the largest sport utility vehicle ever made. It’s a good choice by skimmers as it is based of the Ford PHN-131 platform, itself the basis for the Ford F-250/350 pickup line, with the newest of these being already 10 years old, so prices should be pretty good.
The irony about using this vehicle to transport fuel is that when it hit the market, in 1999/2000, there was backlash about its size and fuel consumption, being mocked with the handle “Ford Valdez”.
It looks to me like fuel retailers offering mobile-payment apps (for example, the Cumberland Farms chain in New England) have yet another good reason for doing so, and for continuing to offer roughly 5% discounts to their mobile payment customers. I doubt many bladder boyz use mobile apps to pay.
Mr. Krebs, do the costs of upgrading fuel pump terminals to chip-reader tech vastly outweigh the losses from this kind of scam? Why does it take so long?
The question I would ask a merchant is: In the last 2 years, how many chargebacks have you had? If they haven’t had any, or very few, then the cost doesn’t really justify the switch. In areas like LA where things like this are happening, then I would still ask the same thing, but would probably push for the switch to avoid the reputation damages. But, having EMV-ready terminals isn’t going to stop it completely. I think it will still happen. I still stand by what I said earlier, the way of the future will be the mobile payment methods that are not as easy to counterfeit. Keeping all physical cards at home, or not even having one in the future.
Mobile-based systems that bypass the pump’s card reader entirely, like the app you described (another C-store chain in my area has a similar system tied to its loyalty card app) or Murphy USA’s text-based system, are much less likely to be skimmed than even EMV or NFC *and* usually don’t require hardware updates at the pump like those do. They do have potential weaknesses, but mostly those require access to the phone before you can get it shut off (same as NFC), breaching a central server (less likely for oil companies than, say, mom-and-pop e-tailers), or possibly Wi-Fi sniffing (be sure Wi-Fi is off before using the app).
The credit card companies should be footing the bill for replacing their insecure mag-stripe system rather than the merchants.
Thanks for sharing warnings for all drivers young and old..
Simply have pumps designed so the entire front side of the pump has to be taken off in order to do maintenance on it. Inside, have four to six plunger style alarm locations that are designed to make some noise at the registers. Don’t make it so annoying that the business shuts it off or disables it.
Cameras up high at 45 degree angles which show fronts and backs of vehicles while at the pumps will deter most evil.
Its easy for us to come up with ideas – its more difficult to get the companies and businesses to come up with the motivation to apply low cost measures to protect the consumers – and themselves.
Walk into the gas station and use Apple Pay.
Walk into the gas station, hand the attendant a $20 or whatever it will take, pump gas, get change, drive to next destination.
Problem completely solved without having to purchase an expensive Apple iPhone or Samsung whatever phone
And as an added bonus the gas station I go to gives a small discount on the cost per gallon if you pre-pay with cash. 🙂
I wonder why they do so much work. It would be so much simpler if the miscreants simply stole the petrol directly…
It draws less attention at the point of purchase to go through a “normal” transaction than to fill up the tanks and then drive off, if they’re even able to get the pump to work since most sites are pre-pay now before the pump even turns on.
They can grab cards from those that aren’t paying attention and buy gas on other peoples’ dime before getting caught more than likely. It may seem like a lot of work, but to them it pays off quicker than having the cops chasing you immediately after leaving the pumps.
I now only use my credit card to pay for my gas due to fuel pump skimming. Like Krebs stated, it is much easier to resolve frued with a credit card versus a debit card, which can be cleared of your money much quicker. One of my family member’s bank account was cleared due to fuel pump skimming, which was extremly inconvenient to resolve. I’d rather just be safe than sorry and use my credit card at the gas pump.
what’s with those huge png’s?
“Avoid sketchy-looking stations and those that haven’t started using tamper-evident seals on their pumps.”
I’ve seen many popular places that don’t tend to use the tape and rather use security measures built into the pumps that prevent unauthorized technicians from opening the pumps (they shutoff if the pump is not properly opened by a technician, requiring a technician to go on site and re-activate it. This process usually includes a pump investigation to insure no tampering.)
I think the consistent clamouring for tape is misaligned a bit.