ATM Skimming Detection and Security Best Practices

Shields logo with text "Skimming Insight and Best Practices" and 5 photos of ATMs

ATM & ITM Scams: A Guide to Skimming Detection and ATM Safety

Regular monitoring and maintenance of ATMs/ITMs is paramount to the safety of individuals and financial institutions against criminal activity such as credit card skimming, theft, identity fraud, and more. ATM scams often involve the use of specialized equipment such as hidden cameras, fake card reader installations, PIN overlays, and other specialized technology designed to deceive the user into provided sensitive financial information. Signs of a tampered ATM or ITM machine may be hard to spot for the average unsuspecting consumer, but the ATM/ITM professionals at Shields Business Solutions know just where to look. Financial institutions can stay ahead of the criminal element by employing these ATM safety and anti-skimming best practices.

ATM/ITM Skimming

Skimmers are designed to read card information when a card is inserted into an ATM/ITM card reader. Spy Cameras or PIN pad overlays are often used in conjunction to record PIN numbers. These devices work together to steal data needed to either recreate a fraudulent duplicate card, to make online purchases, or to sell on the dark web (black market internet sites). Most devices are not easily spotted if not looking closely; however, most devices are spotted with a visual and physical inspection.

There are multiple types of ATM Skimmers. They’re all designed to deceive consumers out of their hard-earned cash, but how they can be detected and removed depends on their construction.

Fake Bezel Skimmers

This Fake Bezel contains the skimmer and is glued or taped over the real bezel. You may have to pull on the bezel to discover this cleverly crafted device. For this ATM scamming device, the entire Bezel is the Skimmer. Important considerations:

  • Bezel Type skimmers can look factory-real. In this case the entire silver portion was recreated by the thief to cover the whole card reader assembly.
  • It is important to look for little queues like the shape of the insert area or the misaligned braille sticker to detect a fake.
  • Use your reference picture to quickly identify the differences. The fake bezel or PIN pad overlay may appear too new or clean Fake Bezel Skimmers.
  • Criminals create a Card Reader bezel which attaches right over the original. It is designed to look factory but contains skimming electronics to read a card as it in inserted. It’s usually attached by double-sided tape and will pull off with little effort.
  • A spy camera or PIN pad overlay may be also attached somewhere on the terminal to record PIN numbers as they are typed in.


Deep Insert Skimmers


Deep Insert Skimmers are a newer, smaller, and harder to detect technology where the miniature skimmer is inserted inside a card reader. They can be found with various designs. Important considerations:

  • Deep insert skimmers are typically inserted and removed with a specialized tool. A technician may be required to remove one if found or suspected.
  • A sign that a skimmer is inserted is if an inserted card is hard to insert and to pull back out. The skimmer may cause friction when inserting and pulling out.
  • During inspection, carefully check the interior of the slot for a thin metal or plastic skimmer device. A quick visual inspection should reveal this poorly built insert style skimmer.

Deep insert skimmers may also be available as miniature insert skimmers. They can be the size of the one featured below or even smaller.

  • Deep Insert Skimmers will not have the tab that would show on the outside of a card reader.
  • Additional friction while inserting or pulling a card out of the reader may be a sign there is a deep insert skimmer.

ATM/ITM Spy Cameras

Spy cameras offer financial scam artists an opportunity to discreetly eavesdrop on a consumer’s ATM transaction. The hidden camera will record PIN numbers, credit card numbers, bank account data and other sensitive info – all without the customer’s knowledge. Cameras may be installed on various parts of the machine, and often criminals may install more than one camera.


Spy Camera Hidden in a Fake Brochure Holder

This is an older technique that is still used today. A spy camera is inserted in fake brochure holder and mounted in view of the PIN pad. A few considerations:

  • It is usually held on with double sided tape.
  • Use your reference pics to find items like this that are out of the ordinary.
  • Even if the brochures are legitimate, the holder may not be.
  • Spy cameras are as small as a dime and the lenses are smaller than a pencil eraser.
Pinhole Spy Camera
Pinhole Spy Camera

Pin-Hole Spy Camera

  • Wedged into the upper fascia looking down onto the PIN pad.
  • Can be difficult to detect.
  • Records PIN numbers as they are entered.

PIN-Pad Overlays

PIN Pad Overlay
PIN Pad Overlay

These replica devices often look factory-real and rest atop the authentic PIN-pad of the ATM or ITM machine. The overlay records keys strokes and is very hard to spot.

PIN Pad Overlay
PIN Pad Overlay

Some important factors:

  • Careful inspection should reveal the function keys are not the same.
  • Numbers and characters may not look the same.
  • Look for a raised PIN pad that is no longer flush with the read PIN pad.
  • Inspect for a skimmer if an PIN pad Overlay is discovered, as these are often used together.
  • Retail Point of Sale units are also subject to overlays.

Shimmers – ATM/ITM Scams that Capture Cards

ATM Shimmer
ATM Shimmer

Unlike skimmers, shimmers capture debit or credit cards when they are inserted into the ATM or ITM, giving criminals physical access to the cards. They are often used in conjunction with a spy camera or a thief who is lurking in the area and can view the PIN pad from a short distance or using telephoto lens camera. A few other considerations about shimmers:

  • The card is captured as soon as it is inserted. The consumer may be able to complete a transaction and puts in his or her PIN but is unable to get their card back out.
  • The thief retrieves the card using a special tool and can then use the card.
  • Consider doing a test card insertion into the card reader during the daily inspection to check for shimmers or deep insert skimmers.

Best Practices for ATM & ITM Safety

For enhanced security and less likelihood of ATM/ITM tampering, consider these best practices:

  1. Create a training program for your ATM / ITM fleet and stay diligent with inspections.
  2. Take good-quality photos of your ATM/ITM and close ups of the card reader and PIN pads.
  3. Print the pictures to use as a reference when inspecting terminals.
  4. Visually and physically inspect all of your terminals twice a day or as soon as a complaint is filed, or suspicious activity is noticed or reported.
  5. Take steps to ensure your ATM/ITM is not seen as a “soft” or “easy” target for criminals. Soft targets are locations where machines are out of public view, in low traffic areas, low-light areas, or locations where security cameras could be covered, smeared, or tampered with.
  6. Have multiple and hidden cameras with high, middle, and low angles for the best pictures of the perpetrators.
  7. Have your terminals professionally inspected quarterly to make sure anti-skimming technology is working and reporting to your ATM network correctly.

What to Do if You Suspect a Skimmer, Shimmer, or Spy Camera on Your ATM/ITM Machine

If you suspect your terminal has a skimmer, shimmer, or spy camera, call your local law enforcement, the Secret Service, or a trusted technician. If a device is found, close off the machine or power it down and do not remove the skimmer, camera or PIN pad overlay. Instead, call the authorities and keep watch on the unit. To assist law enforcement, check for suspicious people in view of the terminal. Finally, allow technicians or authorities to remove the fraudulent devices to preserve and collect forensic evidence and information.

Shields Business Solutions is Standing by for All Your ATM & ITM Needs!

If you have questions about suspected ATM tampering, contact us for an appointment. We provide software, security, management solutions and more for ATM & ITM terminals. We serve financial institutions up and down the Mid-Atlantic Coast, from Harrisburg, Allentown, Bethlehem, Wilkes-Barre, and Greater Philadelphia in Pennsylvania to the NYC boroughs, Long Island, and Suffolk County in New York, as well as Northern Delaware and all of New Jersey.

Exclaimer: This guide is for training purposes and offers basic guidance. It is not legal advice but includes images and information that is readily available on the web. New skimming devices and techniques are being continually developed and continuous countermeasures and training are required to stay vigilant to protect FIs and consumers. Feel free to use this guide as a starting point for your own anti-skimming training program.