Watch out for Card Skimmers at Gas Stations

Credit card skimming at gas stations is happening all over the country including here. With lots of travellers on the road, here are some tips to avoid this common technology hazard.

With the summer travel season in high gear, the FTC is warning drivers about skimming scams at the pump.

Skimmers are illegal card readers attached to payment terminals.  These card readers grab data off a credit or debit card’s magnetic stripe without your knowledge. Criminals sell the stolen data or use it to buy things online. You won’t know your information has been stolen until you get your statement or an overdraft notice.

Here are a few tips to help you avoid a skimmer when you gas up:

  • Make sure the gas pump panel is closed and doesn’t show signs of tampering. Many stations now put security seals over the cabinet panel. If the pump panel is opened, the label will read "void."

    skimmer-01.png

    Photo credit: National Association of Convenience Stores (NACS) and Conexxus
     
  • Look at the card reader itself. Does it look different than other readers at the station? For example, the card reader on the left has a skimmer attached; the reader on the right doesn’t.|
     

    skimmer-02.jpg

    Photo credit: Royal Canadian Mounted Police in Kamloops, Canada
     
  • Try to wiggle the card reader before you put in your card. If it moves, report it to the attendant. Then use a different pump.
  • If you use a debit card at the pump, run it as a credit card instead of entering a PIN. That way, the PIN is safe and the money isn’t deducted immediately from your account.
  • If you’re really concerned about skimmers, pay inside rather than at the pump.
  • Monitor your credit card and bank accounts regularly to spot unauthorized charges.

If your credit card has been compromised, report it to your bank or card issuer. Federal law limits your liability if your credit, ATM, or debit card is lost or stolen, but your liability may depend on how quickly you report the loss or theft. For more information, read Lost or Stolen Credit, ATM, and Debit Cards.

 

Why use a VPN on Public Wi-Fi Networks

Ithaca is a traveling community. The vast majority of our student population travels to and from Ithaca. Our business community and many individuals travel regularly for business. Virtually everyone who travels with a laptop, pad, or other mobile device usually ends up on some type of public Wi-Fi network. Getting to your data without exposing your private information to others takes effort. VPN technology is a good solution. The VPN discussed here is from Norton, but there are many other good ones as well.

If you’ve ever wondered if it’s safe to use public Wi-Fi, you are not alone. In fact, according to the Norton Cybersecurity Insights Report, 6 in 10 consumers believe using public Wi-Fi is riskier than using a public restroom. And it is. Surfing the Web or transacting on an unsecured Wi-Fi network means you’re placing your private information and anonymity at risk. That’s why a virtual private network, better known as a VPN, is a must for anyone worried about online security and privacy.

What is a VPN?

A virtual private network gives you online privacy and anonymity by creating a private network from a public Internet connection. VPNs mask your Internet protocol (IP) address so your online actions are virtually untraceable. Most important, VPN services establish secure and encrypted connections, guaranteed to provide greater privacy than even a secured Wi-Fi hotspot.

[More]

Home Router Security Issue

Just prior to the Memorial Day holiday, the Justice Department and FBI sent out a mass communication highly recommending that everyone with a home connection to the Internet reboot their routers. This was to protect against a new Internet exploit called “VPNFilter”. If you attacked by VPNFilter, you login credentials, email address, etc. could be hacked.

Many of us in the technology industry were surprised at the announcement and skeptical that a reboot could fix anything like this. Turns out that it’s all for real. However after doing some digging, we discovered that this very real problem potentially affects a relatively small number of home based routers; about 500,000 around the world.  And only certain models (mostly older routers) are vulnerable.  Here’s the list that Symantec published of the affected routers:

[More]

Cybersecurity - a ToDo List!

We've been writing about network security, email security, web security since the earliest days of the Internet. Today, all that along with smart device security, IoT security, etc. all falls under the heading of cybersecurity and everyone needs to have at least some understanding of what's important. 

For businesses and organizations, cybersecurity needs to be managed. You can do this work or we can provide these services for you. For some clients, we do the work in all five areas listed below. For others, we provide a few areas of services and for a small number, the client does the work and we provide consultation and a second set of eyes on the topic.

We urge you not to ignore this. Left unattended, bad things will most likely occur. You can't be too careful. Contact The Computing Center. We can help.

#1 Train Your Employees

The best way to improve your IT security is to train your employees on best security practices. Educate them so they can recognize and avoid cyber threats like phishing and scams. Teach them about protecting sensitive information. Humans are the weakest link in your security defense: with a single click in an email they can open the door for hackers. You should have a network firewall, but don’t forget your employees are a firewall too.

[More]

Securing Data is a Process, NOT an Event!

 by Thomas B. Pahl, Acting Director, FTC Bureau of Consumer Protection

“Sound data security is a process, not a checklist.” We’ve all heard that slogan – and with good reason. The way that sensitive information moves into, through, and out of your company’s networks or the software products you develop is ever-evolving. So, too, are the risks that hackers and data thieves pose as they adapt to the countermeasures you take to foil their efforts. Approaching data security with a one-and-done attitude ignores the here-and-now realities you face. That’s why Start with Security recommends that companies put procedures in place to keep your security current and address vulnerabilities that may arise.

A look at FTC law enforcement actions, closed investigations, and the experiences that businesses have shared with us demonstrates the wisdom of that advice. These examples illustrate why you should keep your security up to date and respond quickly to credible threats.

[More]

More Entries