The web Browser you are currently using is unsupported, and some features of this site may not work as intended. Please update to a modern browser such as Chrome, Firefox or Edge to experience all features Michigan.gov has to offer.
Credit Card Company Warns of New Card Reader Scam Targeting "Swipe" Transactions
Attorney General Dana Nessel is highlighting the newest consumer warning from VISA, alerting consumers about a new scam where thieves steal your information when you swipe your payment card at checkout.
Inserting a payment card with a chip is more secure than swiping a payment card with a magnetic strip. And using a credit card or running a debit card transaction as credit gives you more protection than running it as debit.
The New Scam:
VISA recently discovered thieves hacking merchant point-of-sale networks that allowed the hackers to remotely steal credit card information from transactions made on the merchants’ card readers.
The thieves likely gained access to the networks through phishing emails with malicious links that, when clicked, installed malware to steal payment card data. The malware infects a merchant’s entire point-of-sale environment that includes all of its card readers, so it is more sophisticated and harder to detect than a card skimmer (a physical, fake card reader that sits on top of the real reader and steals data one reader at a time).
The VISA alert did not report how widespread the problem is nor where the affected merchants are located, but it did suggest that, for now, the malware targeted only the card data for magnetic-strip swipe transactions. Thus, only those who swiped their cards were at risk of having their information stolen.
Because a magnetic-strip swipe offers little security, there is not a lot you can do to avoid this hack if a merchant only offers magnetic-strip swipe technology. However, you can limit your risk taking these precautions:
- Use a payment card with chip technology;
- Look for card readers that use chip-reader technology;
- If swiping is the only option, look for an in-store chip-reader, use a credit card instead of a debit card, or run your debit transaction as credit;
- Enable real-time alerts on your financial accounts to spot unauthorized activity;
- Keep an eye on your card statements; and
- Consider paying with cash.
Choosing “Credit” vs “Debit” When Using a Debit Card
If you have a debit card that carries a credit network logo, you can choose to pay with “credit” at merchants that accept that credit card. The transaction isn’t technically a credit purchase – you don’t get a period of time to pay for the charge that will be deducted from your bank account in a matter of days and it won’t help you build credit — it just gets processed through the credit network associated with your card.
Unlike debit transactions that immediately get deducted from your bank account, credit transactions can take days to clear your account and may come with card benefits, like zero liability for fraudulent purchases or reward programs. And if the merchant’s card reader has been hacked, running the transaction as credit instead of debit and entering your PIN, prevents hackers from gaining direct access to your bank account.
Contact the Attorney General’s Office
If you have a consumer complaint, you may file a complaint with the Attorney General’s Consumer Protection team:
Consumer Protection Division
P.O. Box 30213
Lansing, MI 48909
Toll free: 877-765-8388
Online complaint form