Big box stores and family members aren't the only ones eager for you to break out your credit card to pay for holiday gifts this season. Scammers are out there too, excitedly waiting for you to fill online shopping carts and click on retailers' payment pages.

That's when their holiday festivities begin.

Unlike your uncle's ugly holiday sweater, credit and debit card skimmers can be hard to spot.

While we've all been told the padlock symbol and HTTPS in the URL of a retailer's checkout page guarantees an encrypted transaction, the elves at the top of Santa's Naughty List can still make your money disappear — like holiday magic.

Here's How

Unlike your uncle's ugly holiday sweater, credit and debit card skimmers can be hard to spot.

Criminals attach these devices to payment terminals on gas pumps and at stores, and on ATM keypads to steal your account information when you insert your card. Then they use the cardholder name, card number, and expiration date to fill their own stockings — or they sell the information to other evil-doers.

Most skimming devices look like regular card readers, but there are a few tell-tale signs of shady activity. Avoid using readers that:

  • Appear larger than other nearby card readers
  • Wiggle at the touch or visibly appear loose
  • Have security tape that's missing or appears to have been cut
  • Feel sticky or show signs of glue residue

It would be obvious if someone attached a physical card skimmer to your cell phone or computer, so you might think it's safe to use them for online purchases.


Enter e-skimming — the latest way to steal your payment details when shopping online. Hackers install skimming software onto a website's payment page, which allows them to the steal your payment details with each keystroke.

Retailers are often late to the game discovering their website has been hacked. The theft happens so fast, your card could be used by someone else before you've even reached the "Thank you for your purchase" page.

While you can't prevent tech-savvy, info-stealing savages from hacking the websites of your favorite online stores, you can minimize your chances of falling victim to their nefarious plots.

  • Pay for online purchases with a credit card — not a debit card. Generally, credit cards offer greater protections. With a debit card, your stolen information can be used to drain your entire bank account.

  • Use a virtual or temporary credit card designed for single use. Ask your credit card issuer if they offer this option.

  • Since you can't tell if a website is infected with e-skimming software, monitor your accounts for unusual activity and immediately report unauthorized charges to your bank or creditor.

Don't let cybercrooks steal your holiday joy. Stay alert to their schemes and to stop them in their tracks.