Web Culture

Fraudsters Still Clone Credit Cards: Keep Plastic In Your Pocket

Christian Cawley 03-09-2013

If you regularly pay by credit or debit/cheque card (and who doesn’t these days?) you should be aware that your card can be cloned. But how is this done, and what types of business are particularly vulnerable to criminals hanging around pinching your card details?


Speaking personally, I had a credit card cloned back in 2007 at a popular pizza restaurant chain in the UK – by a member of the serving staff. When I next checked my balance I saw that I had been shopping in Liverpool later that day – a good 100 miles away from where I ate the pizza.

It was this single experience that opened my eyes to the possibilities and threats of digital scammers, modern day pickpockets who are a world away from the cute street urchins of Oliver Twist. Using your money to fund all manner of illegal exploits, these are not the type of people you want to come face to face with.

Therefore, your best protection against card cloning is awareness.

How Cloning Is Achieved

Cards can be cloned using a system called skimming, in which the cloning device is perhaps concealed in the pocket of the person you’re paying – or in extreme situations, attached to the payment machine.



The information from the magnetic strip on your card is then copied and the PIN observed or recorded as it is entered for payment. With your card details captured, they can be entered online or programmed into a brand new card which the thieves will then use, charging their purchases to your account.

You’re probably thinking that the nice girl in your local supermarket or takeaway wouldn’t dream of cloning your card, and you would probably be right… in most cases.

Where Your Card Can Be Cloned

As relayed above, I was enjoying a pizza with my wife in the beautiful northern English town of York when I had my card skimmed and cloned. I know this as it was the only time my card was out of my wallet all day.

But it isn’t just restaurants and shops where your card might be cloned. Anywhere the card might be out of sight for a moment can prove to be a risk – one that costs an awful lot.



So, anywhere that you pay by card can be a risk. This might be a restaurant, or it might be a pay-at-the-pump garage forecourt. Equally, your local ATM might have been modified with a skimmer and perhaps a false front to conceal it.

Take Precautions Against Credit Card Cloning

To avoid falling victim to these frauds, you should keep a sharp eye on the person you are paying. Make sure they don’t take your card out of sight, and ensure they have nothing in their hands.

As far as card payment devices and ATMs are concerned, look carefully to see if there is something that looks wrong, or out of place. In garages, you might prefer to pay in person usually than at the pump; similarly, if you can withdraw money over the counter in the bank rather than at an ATM, do so.



It should also go without saying that in order to avoid having your card details stolen, you should avoid entering them on public computers (cybercafes, libraries or across public Wi-Fi) and sharing them over the phone in a public place.

Credit Cards and RFID Hacking

Although the aim of banks and credit card companies seems to be the embedding of RFID technology into cards for contactless payment, not all cards have this facility as yet.

If your card does have an RFID chip, however, you will find that you are at further risk as your details can be copied without the card ever leaving your possession. Our guide to drive-by RFID hacking Don't Let Them Scan You: Blocking RFID Chips Every convenience in life comes at a cost. That's why things are so expensive at the corner store compared to the grocery store. They aren't selling you a carton of milk, they're selling you a... Read More will explain more, showing you how to take precautions to block RFID chips from being read without your consent. RFID Can Be Hacked: Here’s How, & What You Can Do To Stay Safe How RFID Can Be Hacked and What You Can Do to Stay Safe Hackers using RFID scanners can theoretically steal money via your phone's tap-to-pay app. Here's how to prevent RFID hacking. Read More explains more about this, as well as the ways in which RFID can be abused.


And don’t forget, wallet apps on NFC-equipped smartphones What Is NFC & Should You Buy a Phone That Has It? [MakeUseOf Explains] If you’re in the market for a new phone in 2013, you’re probably going to hear about something called NFC, and how it’s apparently changing the world. Don’t be fooled by the sales talk though.... Read More also have the potential to be hacked. If you want to use this method of payment, remember to disable NFC when it isn’t in use.

Plastic is Convenient For Everyone – Stay Aware!

The main problem with paying by plastic is that while convenient, it is less secure than carrying money in your pocket. There is only so much you can carry in a purse, wallet or pocket, after all – plastic offers thieves a route into your bank or credit card account.

Convenience suddenly becomes a two-way street, one that we might hope our banks would be keen to close off from society’s undesirables.

Sadly this isn’t the case. Although credit card fraud amounts to $190 billion a year in the USA – of which cloning is just one of many tactics – the onus is on you, the card user, to protect your funds from hackers, cloners and con artists.

So remember – don’t let your credit or debit/cheque card out of your sight!

Image Credit: Skimmer, Card machine, Cards in wallet, Keyboard

Related topics: RFID, Scams.

Affiliate Disclosure: By buying the products we recommend, you help keep the site alive. Read more.

Whatsapp Pinterest

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Rui Fernandes
    February 12, 2015 at 5:33 pm

    Oh yes! They were very fast and efficient, they've had the iniciative to alert and guide me through the process.

    • Christian Cawley
      February 18, 2015 at 1:18 pm

      Good news! Glad to see credit card companies treating this fraud in the right way.

  2. Rui Fernandes
    January 28, 2015 at 7:55 am

    "I had a credit card cloned back in 2007 at a popular pizza restaurant chain in the UK – by a member of the serving staff. When I next checked my balance I saw that I had been shopping in Liverpool later that day – a good 100 miles away from where I ate the pizza."

    In my case it was in London in 2013, also pizza and staff combination. When I returned to Portugal I received a call from the bank asking if I was in Bangladesh using my card... chip or no chip, if it goes to the hand of some who wants to clone it, it's done :-(

    • Christian Cawley
      February 8, 2015 at 9:02 am

      Sorry to hear that, Rui. Did your CC company sort it out appropriately?

  3. Dovy6
    September 11, 2013 at 2:12 pm

    In the US you are only liable for a max of $50 if your card is stolen as long as you report it as soon as you notice. Most of the times when someone's card details are stolen the bank doesn't charge the person for any of the charges the fraudster might make; assuming that the person reports the theft ASAP

    • Lance ==)-----------------
      September 23, 2013 at 11:40 pm

      This is true for credit cards, but not for debit cards, even when you use them as credit cards (y'know, when the clerk asks "debit or credit?" and you say "credit"). For those cards, the only protection you have is the bank's interest in keeping you as a customer.

      My wife lost $1500 on her card, but I think she was actually using it as a debit card with the PIN at the self-serve gas station. I've read that crooks can put a hijacking device inside a pump in 90 seconds in broad daylight, and there's no way to tell by looking that that's what they've done because it's all inside.

      I never enter my PIN at a gas pump and examine ATMs & yank on the reader slot before using those (I'd rather apologize 'sorry, it came off in my hand' than hand my info to a skimmer.)

  4. kumarkishore
    September 5, 2013 at 4:42 pm

    sometimes we receive bank account alerts after every thing lost.. so beware.. prevention is always better than cure

  5. Lesm
    September 4, 2013 at 2:14 pm

    England has "Chip and Pin " as standard

    • MIke
      September 4, 2013 at 2:28 pm

      Chip & Pin didn't stop some toe-rag cloning my card at my local petrol station.

  6. DmitryIV
    September 4, 2013 at 11:04 am

    Use cards with microchip. These cards to clone very difficult.

    • Christian C
      September 4, 2013 at 11:28 am

      The problem with this is that not all banks offer these.

  7. ReadandShare
    September 4, 2013 at 12:53 am

    Use tech to fight tech.

    In the old days, you didn't know of any irregularities until you receive your bank statement once a month. Then, you can check your account at your bank website from time to time. Nowadays, you can set up "alerts" at your bank website so that transactions in or out, account/profile changes, etc. are automatically emailed or text to you. -- right after they happen.

    I believe everyone should have alerts set up.

    • Christian C
      September 4, 2013 at 11:27 am

      Excellent suggestions, ReadandShare.

      Interestingly, I had an alert setup with a company called CPP (a notorious bunch who are in the news currently), but because there was insufficient information provided in the SMS (I was already on a day out, shopping 50 miles from home) alarm bells didn't ring.

      However modern SMS alerts from banks are much more useful, and vital for anyone who wants to keep track of their spending and card behaviour.