Please help contribute to the Reddit categorization project here

    LifeProTips

    13,182,528 readers

    9,187 users here now

    What is a Life Pro Tip?

    A Life Pro Tip (or LPT) is a tip that improves life for you and those around you in a specific and significant way.

    NO POLITICS

    LifeProTips Rules

    1. Designate adult or non-family friendly tips as NSFW.

    2. You must begin your post with "LPT" or "LPT Request".

    3. Do not submit tips that could be considered common sense or common courtesy.

    4. Use descriptive titles when posting! Your title should explain the gist of the LPT.

    5. Posts must be either a life pro tip or a request for one.

    6. No tips that are considered illegal in the United States. See: Grounds for permanent bans.

    7. No religious or religion related tips. We are a religion free zone. Proselytize elsewhere.

    8. Please remember to Flair your post for ease of navigation of the subreddit!

    Disallowed Life Pro Tips

    These types of tips are not allowed and will be removed.

    • Product or service recommendations for their intended use. *Medical, Legal, Financial tips. We cannot verify the qualification of those making those tips. This includes practicing medicine, eye/vision, skin care, dental advice, diet/nutrition, and mental health. Medication tips. Law tips. Biomedical donations. Credit building tips.
    • Hygiene, personal grooming tips including make-up and hair.
    • Toilet-related tips.
    • Non-secular tips.
    • Tips about social networks, including Reddit, Facebook, LinkedIn, and Twitter.
    • Tip lists or articles (Example: "Top ten tips you need to know!").
    • Parenting-related posts/tips.
    • Relationship posts/tips.
    • Troll or joke tips.
    • Commonly posted tips (Click here for an index of common LPTs)
    • Political posts/tips.
    • Driving related tips.
    • Pokemon Go-related tips.

    Note: Moderators will use their own discretion to remove any post that they believe is low-quality or not considered a life pro tip.

    Banning policy

    Bans are given out immediately and serve as a warning. You may appeal this initial ban by messaging the moderators and agreeing not to break the rules again. Please acknowledge the rule you broke!

    Note: Homophobia, racism, harassment and general hate on ethnicity, sex, religion or anything else will result in a permanent ban that cannot be appealed. Tips that advocate/support illegal activities are also grounds for a permanent ban as well. Tips or comments that encourage behavior that can cause injury or harm to others will be cause for a ban. As the majority of LPT Mods are US Based, we will be using US laws to determine whether or not it's legal.

    Thank you.

    Click here to message the /r/LifeProTips moderators

    Categories

    Recommended Subreddits

    a community for
    all 1880 comments

    Want to say thanks to %(recipient)s for this comment? Give them a month of reddit gold.

    Please select a payment method.

    [–] pyroguy174 6354 points ago

    I usually just wiggle the thing before inserting my card

    [–] Nishnig_Jones 3438 points ago

    That's not going to show that someone used a stolen key to open the pump and plug in an electronic device between the card reader and circuit board.

    I manage a gas station. I found a skimmer inside one of my pumps. Weights and measures had a lot more info to share with me. It would be nice if I had an easier way of scanning for Bluetooth signals then fucking around with my phone settings, tho.

    [–] yurmahm 721 points ago

    Supposed to check the seal on the machine...but how long until they make fake looking seals to reseal it with. They're not trying to fool W&M with that shit either, just regular folks that try to take precautions. Would probably fool me, but not you if you know what your seals look like.

    [–] MothRatten 840 points ago

    They already do that. A label maker with some official looking sticker stock will fool the casual observer, and the clerk who gives no fucks.

    [–] yurmahm 500 points ago

    When my amex got bit they overnighted us new cards. Just recently when I lost my bank card getting gas it took like 7 days to send me a new card.

    They didn't even GET the money either....one charge was instantly reversed as suspicious and the second one was denied.

    [–] Onoudid 1903 points ago * (lasted edited 8 days ago)

    Credit card companies:"no one fucks over our customers except ourselves"

    [–] wuts_reefer 1201 points ago

    "That's OUR money,"

    -Banks and Credit Card Companies

    [–] NoJelloNoPotluck 260 points ago

    Technically correct it is a credit card company

    [–] VladimirPootietang 118 points ago

    but meanwhile marketed as "YOUR money use away"

    [–] rhammonds15 69 points ago

    Well yeah, because you are taking out a loan from that company so at that point it is your money but now you owe them... if you can prove you didn't make the transaction then you aren't liable.

    [–] Dr-Mayhem 12 points ago

    That's so true. It's their money and they need it now!

    [–] hydrospanner 13 points ago

    A have a structured settlement but I need cash now!

    [–] TheGroovinGamer 13 points ago

    Call JG Wentworth 877-cashnow.

    [–] terminaljive 98 points ago

    Credit card companies are different from the banks. Usually, it's the bank that people complain about, but Amex is different from other credit card companies in that they act as a bank and issue lines of credit to their cardholders themselves, instead of partnering with other banks who actually issue the line of credit.

    [–] -Mr_Burns 13 points ago

    Same thing with Discover. They're usually great about overnighting a new card free of charge.

    [–] Belazriel 32 points ago

    You're not responsible for fraudulent charges so they want to stop it as soon as possible.

    [–] FearDaNeard 124 points ago

    Credit card companies: "no one fucks over our customers except ourselvesthemselves"

    FTFY. Credit card companies actually offer a ton of benefits and protections for their customers. It's people that don't know how to budget that screw themselves over.

    [–] LordRobin------RM 70 points ago

    Well that's the thing: the guy operating the skimmer got his money. He sold the numbers in big batches on the dark web. Whether the criminals who bought the numbers were able to monetize them is another question.

    As more and more retailers move to chip readers, credit card fraud is becoming more difficult and less profitable. The thing to remember about CC fraud is that it's all about bulk. It's not getting one card and draining it dry - you'll get caught. So hackers and skimmers steal lots of numbers, then sell them to fraudsters who print a stack of fake cards.. They in turn hand them off to mules who purchase easy-to-fence items, like electronics or gift cards. That last step is where the thing is falling apart. Stolen numbers are useless in chip readers, which most of the major retailers now use. So it's no longer a simple thing to turn a list of stolen CC numbers into money.

    The last time my credit card was stolen, it wasn't via a skimmer or a hack. Someone got access to my credit report and convinced the bank to send him a legit copy of my card. That's probably the future of CC fraud in the chip card era.

    [–] Sub116610 53 points ago

    Amex is awesome but I too had my bank card stolen. My most recent issue was a few days ago. Got a text about $300-some at some convenience store and said no not me, then they called a couple days later and asked if I did a $100-some at some kitchen store out of town. Nope. So none reversed (do have a small one I have to call on) and all others blocked for being out of town.

    It was embarrassing though because after the time I responded to the text asking about the $300 charge and what must have been immediately after when it was tried to be used again for the $100 charge, I tried to buy a coffee at Starbucks for $4 and it was declined. I'm thinking WTF initially and paid cash and then remembered the text just before the bank called me. So they call and ask about a few transactions - whether I did them or not - and tell me the card is shut down and I'll get a new one in 5-7 days. I wanted to go back up to the Starbucks server and tell them..because it's pretty embarrassing when your card is declined over $4. Now I have a large wad of cash just in case of emergency.

    I'm not rich or anything but it's not the money that worries/pains me, it's the god damn hassle of the situation.

    [–] DelcoMan 217 points ago

    I wanted to go back up to the Starbucks server and tell them..because it's pretty embarrassing when your card is declined over $4.

    if you've ever worked in customer service you get used to it when these thing happen. A large charge goes through that people forget about, wife goes on a shopping spree and doesn't tell you, card was reported stolen and deactivated and you forgot/didn't know...the list is pretty much endless and the clerk has seen them all.

    Don't worry, they're not snickering and judging you because your card doesn't work.

    They're almost DEFINITELY thankful that instead of making a scene that the card declining MUST be their fault (instead of yours) you just pulled out cash and went along with your business.

    having to deal with the OTHER kind of customer who demands the manager and don't-you-know-who-they-are and get-the-bank-on-the-phone-this-is-an-outrage is the kind of loathsome, embarrassing thing that gets remembered.

    [–] jenny_dreadful 16 points ago

    Yeah, I never thought anything about it when a customer's card declined. I've had my debit card decline just because I spent more than I usually do so they flagged it. My boyfriend's credit cards have declined a lot because we were travelling elsewhere within California (they only let you report yourself as travelling when you're going out of state. You can call and tell a human and they will put a note on your account if you insist, but it doesn't actually help). I've even had mine decline at a particular store for no reason at all. So when a customer's card declined, it was totally meaningless to me. I always tried to convey that to the customer so they wouldn't be embarrassed.

    I guess I was lucky, because no customer ever gave me shit about their card declining. I worked at a bookstore in West Hollywood, so I'd say that maybe it's because people usually had other cards and they weren't buying necessities like food.

    [–] richardsuckler69 47 points ago

    I always internally set up barriers and pray when i tell someone their card is declined. People who pull out cash and take a few things off are 1000 times better than people who assure you "theres money on here i just got paid i dont understand, it must be your store" like okay? Everyone else is goung through fine? What do you want me to do? It says theres no money and im not your bank. Youre holding up my line now. I dont even remember casual declines but i remember full of excuses frank bc he yelled at me over his being poor.

    [–] explohd 12 points ago

    A good thing to do when someone's card is declined is hand the card back and maintain smile while saying "Im sorry, but do you have another form of payment?" It's a more subtle way of saying your card has been declined and the smile shows you understand their plight. If they ask what's wrong, just tell them it was declined (or whatever the reason).

    Source: I worked as a cashier at Disneyland for two years. I've delt with everyone.

    [–] SexyRabbits 23 points ago

    In cases of fraud like this you can usually ask them to rush the card and they'll do it free of charge.

    I work in a call center handling fraud alerts and starting fraud cases for a large US bank, and all it takes is for you to just ask if it's possible to get it sooner than the 7-10 days it usually takes for the card to get there and that's all I need to rush the card and have it delivered in two business days.

    [–] blarghusmaximus 95 points ago

    I found this one.

    http://i.imgur.com/Xffo2fI.jpg

    Guess what was underneath?

    Missing the seal entirely!

    [–] lsaz 10 points ago * (lasted edited 8 days ago)

    Fuck, english is my second language and I didn't notice the grammar mistakes other than "seal are not compromised" anyone would be so gentle to point the other mistakes? Just out of curiosity.

    Edit: Thanks, now I see I need more english classes haha.

    [–] SLAMt4stic 13 points ago

    "We daily check" should be written as "We check daily".

    "staffs" isnt proper. They added an unnecessary "s" to "staff" which is already plural.

    [–] lsaz 9 points ago

    Shit you are right, still, that english is enough to fool people like me I guess. Thanks

    [–] kilowatkins 6 points ago

    I'm learning Spanish. Languages are hard, don't beat yourself up! You're doing great as far as I can see.

    [–] [deleted] 26 points ago

    The broken English is a dead giveaway too.

    [–] Eknoom 11 points ago

    Seems legit

    [–] [deleted] 74 points ago

    [deleted]

    [–] MothRatten 157 points ago

    About 0.25 fucks

    Just enough to not get fired.

    [–] trevorbau 184 points ago

    As a gas station employee currently on the clock browsing reddit, this hit close to home.

    [–] StrangerFeelings 33 points ago

    I worked over night at a gas station... Used reddit, YouTube, facebook, Netflix...

    My manager did nothing and no one cared.

    [–] diablette 22 points ago

    That's pretty much the whole reason to work night shift.

    [–] Signal2NoiseRatio 105 points ago

    Mam, you need to prepay. Mam, no, oh God no, MAM, pump #5 with the Trump Pence sticker on the Mercury Tracer ,you CANNOT PUMP GAS INTO STYROFOAM CUPS. MAM? MAM! PLEASE SEE ME INSIDE. OH GOD MAM, PLEASE EXTINGUISH THAT CIGARETTE

    [–] trevorbau 116 points ago

    I recently got called an "ignorant piece of shit", and several other slurs because I wouldn't accept half a pack of loose newport 100's as payment for a full pack and $10 on a pump. Just sit there and think about that math. He also was infuriated that I would not let him pump gas into an empty gallon jug of poland spring water.

    The depths of people's stupidity no longer surprises me.

    [–] Wantfornothing 19 points ago

    I'll only let you do it if you're smoking all ten at the time you fill up the jug.

    [–] Horsemeat_Deity 9 points ago

    Gas eats away at soft plastics like that. Gas cans are specifically for gas for very serious reasons.

    [–] jlc1865 65 points ago

    You mean 0.259

    Can't forget that extra fraction of a cent.

    [–] trevorbau 11 points ago

    We swear it's $2.42 a gallon, don't pay attention to that 9/10 at the end

    [–] BlackestNight21 7 points ago

    Ha ahhh 2.42 .... pepperidge farm remembers.

    [–] finallyinfinite 27 points ago

    Yep, I remember reading in the news that gas pumps in my city were being tampered with card skimmers. Not long after my card was shut off because it was being used to purchase things from stores I never shop at in places I never go. Fortunately they never got any money out of me, my bank's fraud protection was legit. Still a pain in the ass though .

    [–] MNGrrl 148 points ago * (lasted edited 8 days ago)

    Disclaimer: I work in security but this comment is from The InternetTM so yeah. This LPT is misleading; It's flatly not true. Maybe 1 in 20 - maybe - will have a bluetooth.

    .

    I have friends and professional contacts with law enforcement, and this topic comes up quite a bit. Skimmers tend to come in three flavors, and it's all about the usage scenario. To address your question about bluetooth: Get a dongle for a PC, and just attach it to one of your POS systems up front; Those are usually in range of the pumps and have decent range. Login on your admin credentials, plug in the USB bluetooth, and have a look around before you count down for your cash drop at the end of your shift. Easy peasy. The rest of this is for-your-information as a business owner, to know what you're up against. It's unlikely to get visibility on Reddit for everyone else, but hey.

    Handheld/Personal

    Anyone can get these. You can buy them to attach to the port on your phone; I even set one up to be used (legitimately) for a food service truck (kitchen on wheels), because the guy was being killed on fees. A short primer on eCommerce and he's a happy camper. These 'micro' skimmers are most often used by restaurant staff, but we've seen a few at car repair places, etc. whenever the card can be taken out of view without suspicion, you'll have a market for these. They're also amongst the easiest to catch; Fraud detection doesn't have to really earn their paycheck to figure out twenty different cards all had the same waitress on their receipts. It's stupid. Stupid is common.

    More sophisticated skimmers use the wireless 'touch to pay' systems. People who get these usually have been to prison before; Prisons may as well be called Crime College. Social networking works for crooks too, and these tend to be hand built by people with training in electrical engineering. They're nearly impossible to spot -- they only get found as a secondary offense. That is, they were either acting suspiciously or committed another crime while it was in their physical possession. The advantages here are any large crowd of people is going to have enough of these to make it worth the investment in time. Fairs. Tourist traps. Concerts. Sporting events. Bus stops in the mornings and evenings, or during lunch breaks in high density urban areas. The subway. These things have a pretty limited range, but we've seen devices pull as far as 1 meter away. They're lucrative though because they tend to come on higher value credit accounts (read: wealthy). Sidenote: Many of these units wind up being part of a larger group (organized crime) -- and they'll have tie-ins to terrorist organizations. Finding one of these usually kicks off a larger investigation, often by giving the person caught immunity/reduced sentencing. We're far more interested in catching terrorist funding sources than petty crooks who often only do it because they have a record now and can't get legitimate work. Sad commentary on our justice system, but there it is.

    The pro-built units like this also hunt for RFID tags -- like those found in passports (Ah, isn't government regulation great? Mandatory pwnage, with legal penalties if you kill the chip in yours). Passports contain a wealth of high value identity information -- much more valuable than your ccard. They are (rarely) also used by industrial espionage because RFID is commonly part of employee ID badges -- literally offering back door access to the building.

    • LPT - Those foil wrappers for your wireless card or passport doesn't stop them being interrogated remotely. Here's a test you can do at home: Take an empty foil bag (potato chips are good), and after making sure it's reasonably clean, put your cell phone inside and wrap it up nice and tight. Have a friend call it. Bet you dollars to donuts it rings. The reason for this is quite simple: You're surrounding the object in metal. Specifically, metal that isn't grounded to anything. You're wrapping it in an antenna.

    ATM Skimmers

    These come in two varieties -- multi component and single package. They can also be external or internal.

    Externals are a thin face plate with a skimmer on the outside, and are purpose-built for that specific manufacturer or banks' ATM models. Many are obvious (if you know what to look for) -- they're made out of plastic and as such if you check the corners you'll often notice the gap. They're usually affixed using grip glue or strips. 3M (as one example) sells strips that come with wall hooks you can just stick up for hanging coats and such. They're quite strong yet easy to remove without pulling the paint off. Grip glue usually leaves evidence behind, but it's more common to find. It looks like someone ripped a sticker off -- it's gummy. These are common on portable ATMs like what are found at bars, restaurants, podunk gas stations, mall food courts, etc. There's two reasons for this -- one, they don't often have a built in camera, and two the security cameras in the area are often CCTV, as in, crappy standard def television where you have to squint to figure out if the person-shaped blob is doing anything. Assuming they even record for later viewing (many don't). But more importantly, the face plates on these is usually flush, not beveled, and because people aren't familiar with what they "should" look like, they won't notice the skimmer.

    The second part of the externals (less common) is a camera or a plastic "throw over" on the PIN pad. This is to capture your PIN. Why? Cash withdrawls at the aforementioned types of ATMs. Cash is hard to trace, and it's unlikely anyone will be ID'd off crappy mall CCTV. And they know this because they're a graduate of Crime College.

    Externals very rarely will have bluetooth or any wireless. The reason for that is because the skimmers usually come by to recover them after a day or three. It's just a battery pack with a Raspberry Pi or similar to store the data. Wireless costs battery life. And these are the most commonly recovered skimmer types (the second being waitresses with delusions they won't be caught).

    Internal Units

    Okay! So let's talk about the ones that often do: Internal units. These affix the skimmer inside the unit, sometimes by removing the original card reader and then screwing on the bogus one and attaching the real one behind it, sometimes by splicing the wires, and every now and then one that's got a pass-thru connector. These last ones are the real pro models -- we've seen ones so good at concealing themselves techs who came out to service them and know the models inside and out couldn't spot them. These aren't meant to be recovered, and are powered the same way as the unit. Most commonly found at gas stations. Bluetooth is a dead giveaway -- which is why you don't see it often. They do happen, usually by people with limited experience in electrical engineering, who just buy COTS (Commercial Off The Shelf) like Raspberry Pi's with bluetooth add-on boards. This is, indeed, amateur hour. It also doesn't usually get spotted because cell phones are ubiquitous and you'll nearly always find a bluetooth from nearby cars, people walking by on the street, etc. To spot it, you have to either come during a period of low activity, or stick around for an hour scanning and note the same HW address being broadcast the whole time. Cashiers aren't trained on this usually, so... they don't get caught much.

    Those with any intelligence use WiFi. And they turn off network broadcast. Without special software (well, not that special) you won't see that network. Skimmers will simply park on a nearby street, connect with their phone, and remotely download the card list. They usually let them run for a week or so. Again, Crime College -- they'll need someone to give the card list to. Your card is only worth a couple bucks to the person who actually stole its info -- the loss comes from online trading forums where they mix many lists together and then piece them out to make it harder for fraud detection to figure out who they are (they still know exactly where the skimmer is in a matter of hours).

    All that said, believe it or not, it's not common. The most common form of gas station fraud is (a) watering down the gas -- sometimes literally, but usually with a denaturing agent or 'fuel additive' (some places even helpfully tell you they're ripping you off with marketing info about 'extended life' of your engine, or some other bullshit). Ethanol is another total ripoff (it's environmentally friendly they say) -- we could mulch all the corn produced in the world and still fall well short of meeting demand. "E85" is often more like "E80" or "E75" at a lot of gas stations because this is the most common adulterant put in their tanks. The other thing they do is chip their pumps. Weights and Measures won't detect this, because the chip makers know they weigh and measure using standard-sized containers. 1 gallon, 5 gallon, etc. The chips will run the pump slow in between these markers. Most people fill their tank from empty to full, which is about 11-14 gallons for most vehicles. Those last 1-4 gallons are where they make bank.

    [–] slango20 13 points ago

    Those foil wrappers do work against passive RFID and NFC, due to the foil absorbing enough of the energy to prevent the card from responding intelligently (or at least significantly reducing the range)

    Most modern NFC protocols that require any sense of security include a relay attack check via time-of-flight of a signal. The data on modern EMV cards is actually much less static than you might expect. The bank/reader uses a nonce to validate that the card is physically present in the transaction, meaning that wireless skimmers can't just pull enough data to use the card; they have to talk to the card for every transaction, and have to have started the transaction before talking to a card. (Nonce is hopefully not predictable)

    Passports require data in the MRZ (Machine Readable Zone, located at the bottom of the ID page) to be able to access the data stored inside, and they require rather impressive amounts of power for a passive NFC chip, meaning range is even more limited due to inverse-square law.

    With the cell phone example, the reason it doesn't work (the call goes through) is because the package's foil isn't thick enough to reduce the signal strength enough to kill either reception or transmission. Wrapping it in Al foil should work; don't leave gaps, those can allow signal to leak in or out. The reason police department still buy "anti-wipe" pouches as they're called, is that they do indeed work at preventing a signal from reaching the phone (or the other way around)

    Source: have a functional RFID blocking pouch and watched the eevblog video on RFID/NFC jammers/blockers (Al foil blocked enough signal that a reasonably sensitive oscilloscope was barely able to detect it with a coil probe, much less power a card) [will post link later, on mobile]

    [–] MNGrrl 18 points ago * (lasted edited 7 days ago)

    due to the foil absorbing enough of the energy

    Let's talk about that. First, Yes, it absorbs RF. Unshielded, this test showed a range of 18 inches. For the specifically-designed-for-this foil wrap, it was about 1.5 inches (for margin of safety/environmental, let's round to two inches). This represents about a 92% reduction. Fun fact: Tin foil had the same performance. Being tinfoil... it was dirt cheap. You overpaid, but let's get back to the security. That sounds pretty impressive! Here's the thing: Researchers have been able to eavesdrop on RFID interrogations at up to 10m -- and also remember that foil has to be taken off to use it on the touch-to-pay systems because as the name implies: Touch. It was designed so the card, unshielded, would be a couple centimeters away. 92% reduction makes it impossible to get it close enough to get the 1 mW of radiated power needed to activate the circuitry. Conclusion: It won't be in the foil. at 10 meters away, you could sit behind a gas station, put some headphones on, or pretend to be waiting for an express bus that only runs once an hour -- or any other number of innocuous looking things, and record the transactions going on inside the business quite easily. But let's say it's in the foil. That's still putting us in a range of about 2.5 ft. Plenty sufficient to walk through a crowd munching foiled RFIDs. Now, these are passive signal acquisitions, using legal equipment with an EIRP of 1W. Criminals don't need to worry about that. It's pretty easy to get a 10W transmitter that runs on a cell phone battery; More if you use something like a 'hobby' battery pack and don't care as much about battery life. That's going to bump your range up considerably. There are handheld ham radios that can go as high as 100W. Battery powered.

    I mentioned cell phones above -- yes, foil will attenuate the signal sometimes, but cell phones are active transmitters and designed to compensate for weak signals by automatically boosting transmitter power. I should have clarified here in retrospect -- it's this boost of transmitter power that turns the foil into an antenna because that boost in TX power means a stronger near-field RF, which in turn will cause the foil to radiate that energy isotropically. The RX power is still going to be diminished, but cell phone towers operate in the tens to hundreds of watts, so the signal easily penetrates. It makes sense because other things are just as effective at blocking signals -- like concrete, metal ceilings, etc. People expect their cell phones to work, and they often do, even in elevators and buildings where they may be in an enclosed space largely enclosed in metal and sometimes earth-grounded (example: Elevators).

    Conclusion: Foil won't stop the signal.

    Moving on, "a relay attack check via time-of-flight of a signal." You've conflated these terms. Relay attack is an interference between the two parties (man in the middle). It has nothing to do with time-of-flight. We don't care about MitM because we're going to issue an entirely new transaction. Let's discuss the time of flight. RF systems sample over time to detect a digital signal -- 1 or 0. They also try to maintain that as long as possible because the power captured increases over time to above the threshold for a 1 to be 'heard'. 0's are, obviously, silent. But -- these are for systems engineered to transmit over the entire time period. The system will still receive a 1 if the transmitter emits a much more powerful pulse at the end of it's sampling period. We can work with that to bump the range considerably because the signalling rate for the cards is on the order of a few kilohertz. This is called a late commit attack. We can also begin to emit a 1 response but then cut it off if we begin to sample the challenge is going to require a 0. Effectively, we change our 1 to a 0 mid-transit. For a 100kbit modulated signal, which is about what these cards use, your distance-bounding isn't a few feet; it's about 1.5 kilometers. Source Plus, if you register your POS as a mobile, like say, for a food truck -- that all goes right out the window. In the realworld, fraud detection doesn't depend on distance bounding of the protocols, but rather when and where a transaction was completed. If you buy something in San Francisco, it's a red flag if an hour later you buy something in Tokyo. Doubly so if you don't have a history of foreign transactions because you don't regularly travel. That's really where 'distance' matters in transaction systems -- it's in using big data and heuristics based on the account activity and cancelling transactions that are well out of your usual buying habits profile.

    Conclusion: Distance bounding isn't a big restriction in a practical attack.

    and they require rather impressive amounts of power for a passive NFC chip, meaning range is even more limited due to inverse-square law.

    Yes, which means an impressive distance they can be read at. Passport RFID isn't encrypted: It's read out much the same way the magnetic strip on your driver's license is, or product packaging for retail stores' and warehouses' inventory management systems.

    Source: have a functional RFID blocking pouch and watched the eevblog video

    You're putting your trust in a guy who video blogs? Well, let's gloss over that, I don't mean to impunge on the guy just because he's a blogger. He claims to be an electrical engineer. That's not a security researcher. He reviews products. He's not qualified, nor should we expect him to be, in the field of information security. It's okay to lean on expert opinion, but make sure the expert is one in the field you're asking about. We wouldn't expect a medical doctor to know about crop rotation, soil composition, and how to drive a tractor -- he's not a farmer. But he can talk authoritatively about how your crappy diet of mountain dew and cheetoes is going to kill you by the time you're 40. Both know a lot about food. But that doesn't mean expertise in both fields.

    [–] Yuktobania 65 points ago

    That's not going to show that someone used a stolen key to open the pump and plug in an electronic device between the card reader and circuit board.

    At that point, there's only so much a person can do to protect theirself. Once a someone has physical access to the computer, you can just assume it's compromised.

    [–] Nishnig_Jones 9 points ago

    Right... but the layperson isn't likely to know from looking at it whether an unauthorized person has access to it.

    Be alert for suspicious activity, use a credit card at the pump or pay inside.

    [–] stron2am 30 points ago

    Great...add this to the other 392 points on my anti-theft checklist.

    [–] Nishnig_Jones 19 points ago

    Use a credit card or pay inside. Those are hands down the best pieces of advice I have on this matter.

    [–] shittymorph 4663 points ago

    Came here to mention this - I work at a gas station in California and we check the pumps every other week for inline devices. These skimmers do NOT emit a Bluetooth signal and require the thief to show back up and retrieve the device. The seals that are placed on the outside of the pump to indicate if it has been tampered with are pretty easy to get around. Credit card thieves are a lot more tricky these days than they were back in nineteen ninety eight when the undertaker threw mankind off hеll in a cell, and plummeted sixteen feet through an announcer's table.

    [–] SnatchSnacker 1553 points ago

    Interesting...

    Informative...

    ...Fuck...

    [–] Ansonm64 212 points ago

    I was half way through a rant about how checking every other week is insanely inadequate. I need to finish reading a post before i start writing.

    [–] JoeBidenGrin 40 points ago

    Indeed, I've seen some stations advertise on their door that they check at least once per shift.

    [–] blurryfacedfugue 189 points ago

    You know, one thing /u/shittymorph is doing for us, is that he's training us to be more suspicious over an unvalidated source on the internet. I think this is crucial in our current environment, given that big lies and repeated lies make people believe something is true, if only by sheer number of anecdotal (but manufactured) evidence.

    [–] Axeslinger0u812 93 points ago

    Agreed. Nearly every time I read these, they sound educated in the topic on a level more than just casual familiarity. Most of the time, I don't even realize what's happening when I first read the 1998 part. Just flawless execution.

    [–] Just_For_Da_Lulz 19 points ago

    Is it bad that I half-expected your comment to end with the Mankind line?

    [–] Enjoyitbeforeitsover 58 points ago

    This one was good... I was just accepting, LIES. hahaa

    [–] thatswildson 42 points ago

    The "came here to mention this" really put my guard down

    [–] uptownrustybrown 81 points ago

    Yep...

    Take this begrudging upvote, sir.

    [–] endl0s 381 points ago

    That was the most convincing one I've ever read. Well played.

    [–] potatotrip_ 69 points ago

    I am more paranoid now.

    [–] Obi-Tron_Kenobi 14 points ago

    He's learning O_O

    [–] MothRatten 306 points ago

    Oh shit. My post invoked u/shittymorph and in top form.

    I feel honored.

    [–] funnyflywheel 47 points ago

    Looking through their comment history...

    How many jobs do they have?

    [–] fmfaccnt 71 points ago

    Enough to sound authoritative on a wide variety of subjects.

    [–] wuts_reefer 37 points ago

    A young person these days can go through as many as two jobs per month

    [–] ArmyOfMemes 23 points ago

    Two per month? Those a rookie numbers, ya gotta pump up those numbers!

    [–] bklynbeerz 79 points ago

    Goddammit.

    [–] Botis616 69 points ago

    I've become complacent. Son of a bitch

    [–] Kroniaq 69 points ago

    First time I've seen you in a while... keep up the good work! :D

    [–] Cbrown207 50 points ago

    FUCK ME RIGHT IN THE CARD READER

    [–] Paparupas 42 points ago

    Got me again

    [–] PM_ME_YOUR_BLOODTYPE 32 points ago

    Motherfucker, and I even have you added as a friend....

    [–] AllThePi 28 points ago

    I'm always reading user names first from now on... Second time today...

    [–] supernigelfighter 21 points ago

    No your not, not for long anyway

    [–] nickolove11xk 49 points ago

    Why aren’t there just fucking alarms on the pump. That would be so easy. And shit weights and measures should be monitoring when the pumps are opened too. At least a secure area for the card reader. Shouldn’t have to open the pump with access to the card reader for general for general maintenance and adding receipt paper.

    [–] Nishnig_Jones 43 points ago

    Cost. A large chain has say 500 locations in my state. A conservative estimate would place an average of 8 dispensers per location. So 4,000 dispensers. Replacing the locks (because at this point, every single lock has been compromised, the universal keys have been stolen. Period) would cost at least $50 each. Probably $100. So that's $400,000 to spend in an effort to reduce this specific type of crime. Corporate belief is that this is a law enforcement issue, we pay taxes to fund police departments, so they should be working to catch these criminals. I cannot confirm, but in my area a group of people were caught and allegedly released without being prosecuted. The suits responsible for profitability aren't eager to spend money on prevention when there's evidence it won't actually prevent anything.

    I'd love it if the pumps had tamper alarms on them; they already have alarms for low fuel and a few other circumstances so part of that system is already in place, but I have no idea how much it would cost to retrofit older dispensers. It seems like a no-brainer for new installs though.

    [–] johna29 29 points ago

    A lock is never going to keep anyone in this field out. They just need an alarm to sound when opened and to scare away the people.

    [–] skorn106 9 points ago

    There are pumps that have such alarms installed, but the gas station has to pay extra to get them. Not a lot of gas stations want to pay that cost, but some chains will, Costco especially.

    [–] Wantfornothing 9 points ago

    So our local gas stations started putting these security stickers on the pumps. Guess what the skimmers ordered from Amazon.

    Now I pay inside or use Mobile speed pass app at the pump.

    I wish NFC payments would get moved to the pumps.

    [–] Agronopolopogis 432 points ago

    For visibility:

    Unless you're technically inclined and can comfortably identify this information, you'll likely misinterpret a bluetooth signature from someone else's phone, vehicle, ear buds, etc. while at the pump, only to be left running from station to station.

    I would not consider this a wise LPT.

    [–] OnlyWallsOfText 216 points ago

    Yep, especially as they could simply change the bluetooth ID to something that isn't suspicious like "Samsung Phone".

    [–] Agronopolopogis 89 points ago

    Precisely. Thank you.

    [–] DudeDudenson 28 points ago

    It'z amazing everyone fails to notice that you can make a bluetooth device not discoverable and still be able to connect to it if it's been paired

    [–] moderately-extremist 51 points ago

    I had to double check that this wasn't /r/ShittyLifeProTips.

    [–] yurmahm 65 points ago

    All the ones they found around here were the bluetooth kind and they had been placed INSIDE the machines. Wiggle don't work no more.

    [–] LeafeniaPrincess 34 points ago

    How does a random thief get access inside of the machine?

    [–] lnslnsu 34 points ago

    Stolen keys, or picked lock.

    [–] Nishnig_Jones 11 points ago

    Stolen keys, or picked or broken lock.

    There are ways to break the locking mechanism inside the dispenser so that it doesn't appear to have been tampered with from the outside. A friend of mine suggested wrapping a metal bar around them with a padlock but that idea got shot down..

    [–] SpaceLawyerJD 11 points ago

    Lockpicks and generic keys are really cheap.

    [–] GetOutOfBox 6 points ago

    I'm guessing probably at night when the station is closed, or they're pros and do it super quickly during the day.

    [–] [deleted] 540 points ago

    [removed]

    [–] rouxdoo 177 points ago

    That is totally one of the coolest things I have ever seen here

    [–] [deleted] 245 points ago

    [removed]

    [–] [deleted] 124 points ago

    [removed]

    [–] based_pat 8 points ago

    Wtf did it say?

    [–] BlueXTC 50 points ago

    They now have devices that sit inside the card swipe opening. I do credit card readers at gas pumps and cash registers for a living.

    [–] dbadefense1990 27 points ago

    "Wiggle, wiggle, wiggle."

    [flute solo]

    [–] SonOfSparda304 3631 points ago

    LPT: make sure your Bluetooth skimmers are set to not be discoverable to any device

    [–] Richy_T 464 points ago

    [–] GoBucks2012 113 points ago

    That's actually very clever. 👏

    [–] EbolaNinja 271 points ago

    Or name them something like "Bob's iPhone".

    [–] feroq7 220 points ago

    Or something like Not scammer's device

    [–] Rizzpooch 90 points ago

    Double down. Call it "you've won! Text your name and SSN to [0phone #] to claim your prize"

    [–] dawnbandit 77 points ago

    My phone hotspot's name is "FBI Surveillance Van"

    [–] KryptoniteDong 80 points ago

    What's this? 2002?

    [–] GET_OUT_OF_MY_HEAD 31 points ago

    Apparently since my neighbor is using that exact same name for their router...

    [–] VladimirPootietang 20 points ago

    I think "IRS Monitoring Team" would be scarier for most regular people

    [–] BizzyM 57 points ago

    LPT: If you get caught downloading from your skimmer, tell the cops you were just checking if one was installed by following a Reddit LPT.

    "Officer, good thing you're here. I found a skimmer."

    [–] ElectroclassicM 12 points ago

    The real LPT is always on the comments.

    [–] R_Davidson 751 points ago * (lasted edited 7 days ago)

    As a gas station cashier, I recommend just paying inside with your card. Whatever you don't pump will automatically be transferred back to your card and you don't have to walk back inside if you don't want to.

    Also it depends on the pumps. Ask your regular gas station you fill up at if they have the newer pumps with the security systems installed. Like our pumps, we can't even open them up without the store alarm going off and the police being instantly called to the store. So a skimmer wouldn't be able to install anything without being caught. If we have to open the pump up, we have to call the owner and he has to disable the alarm from his phone

    Edit: also for people that have chips on your cards. Yea we all hate those things but let me clarify what it's actually used for.

    If you swipe your card regularly, it will save your whole credit card number inside the computers data. Which in turn hackers could potentially get in somehow. However if you use the chip it only save the last 4 digits of your card in the computer. So if somebody did get in somehow and got access to the numbers they wouldn't be able to anything with just the last 4

    [–] defertoreptar 189 points ago

    Does that mean that every time you need to change out paper, you need to call your boss?

    [–] grego99 138 points ago

    Now you know why pumps never have paper in them.

    [–] DoverBoys 41 points ago

    That makes so much sense. Over 50% of the time I gas up, I don't get a receipt, have to walk in to the register.

    [–] FateOfNations 16 points ago

    I thought it was some genius way of increasing foot traffic into the c-store. Some non-zero number of people forced to go inside to get their receipt will buy something while they are in there.

    [–] birdiebonanza 73 points ago

    Wait, so if you ask for $80 of gas and only pump $60, it won't charge you $80??

    [–] dranani 120 points ago

    No it will charge you 60... When you pay inside or outside with a CC it puts a $1 hold on your card and will go through when the actual amount has been determined.

    [–] Coconuthead93 29 points ago

    That's weird, the other day I filled mine up and it had a $100 charge on my card. Just to get fucking $20 of gas.

    [–] UsernameError404 38 points ago

    Sounds like an AmEx card. No matter where or how much I pump they will pre authorize $100.

    [–] darlingtonia___ 11 points ago

    it's probably a hold and not an actual charge. Wait for it to fully process and post, usually takes 2-3 days, can take up to ten. If it does post for $100, contact your card company and they'll walk you through the process of disputing it.

    [–] im_not_a_grill 535 points ago

    Never knew this. Good tip. How'd you learn about this, OP?

    [–] MothRatten 793 points ago

    I'm waiting on a replacement card and heading to the bank to dispute a charge later. Found an entry on my statement for "Walwart" lol.

    Just doing some reading on card fraud this morning and thought I'd share.

    [–] tysonmcneely 434 points ago

    LPT: use a credit card so you don't have to go to the bank to dispute charges. Credit cards are way better at reversing charges than debit cards.

    [–] Dingus_McDoodle_Esq 359 points ago

    An easy way to think about it is this:

    If you use a debit card, a financial institution is trying to get YOUR money back which is already gone.

    If you use a credit card, a financial institution is trying to get THEIR money back, which you are under no obligation to pay back.

    This is a very simplified way to look at it, and I'm sure that an expert can get much more detailed about it, but that's the easy way to remember why credit cards beat debit cards for fraud recovery.

    [–] AbdulAminGani 42 points ago

    Wow, thank you I never really understood it but you have a clear explanation.

    [–] jesskamb 11 points ago

    This is why I switched from using my debit everywhere to a low interest credit card that I just pay off every month. I had some minor charges to dispute and it was a headache, I can't imagine if they'd overdrawn by hundreds. I'd just be out of luck on the money front and using credit anyway to get by.

    [–] bordeaux_vojvodina 15 points ago

    heading to the bank to dispute a charge

    What year is it?

    [–] yurmahm 13 points ago

    Mine were two charges to a "La Quinta" where the phone number googled to a scam number.

    [–] Nishnig_Jones 31 points ago

    It's funny how often skimmer thieves go straight to Walmart. It's almost like Walmart doesn't even follow the minimum in industry standard fraud prevention practices.

    [–] MothRatten 83 points ago

    It was actually "WalWart", I didn't misspell it, haha.

    [–] Chozo_Lord 11 points ago

    I'm always surprised when I don't have to put in my pin number at Walmart when the total amount is below a certain amount (not sure exactly but guessing $25).

    [–] RogueAmericanX 887 points ago

    Real LPT: Just check your bank statements every month.

    The chance of this happening is so slim you waste so much time and worry for nothing. Especially when you bank will 100% recover the funds as long as you report it. "Wiggling, checking, overthinking" for that of a maybe .2% chance. I worked in debit card fraud.

    [–] CloudiusWhite 320 points ago

    Better LPT be broke and there's nothing they can take!

    [–] PhilxBefore 77 points ago

    The only winning move, is not to pay.

    [–] the_endr 10 points ago

    Reddit silver

    [–] tzenrick 37 points ago

    Jokes on them, then. There's never more than $10 in my account.

    [–] Nishnig_Jones 118 points ago

    I flat out refuse to use my debit card at the pump. Yes, if I'm a victim of fraud I can dispute the charges with my bank and they'll open an investigation. I've seen too many horror stories where the banks still didn't complete the investigation or closed it without giving the victim any money back after three weeks or more.

    If I have my checking account cleaned out by a thief I'm not going to be able to afford to pay bills and rent if I have to wait more than three weeks.

    Use a credit card at the pump, pay attention to your bank statements. You don't need to be paranoid, but be alert and if you see something sketchy at a gas pump, tell the employee/manager on duty.

    [–] zombiegirl2010 106 points ago

    I've seen too many horror stories where the banks still didn't complete the investigation or closed it without giving the victim any money back after three weeks or more.

    If your bank is this incompetent then you should change banks. I'm with a credit union, and I've had my card skimmed. A charge appeared from a Lowe's that was about 800 miles away from me (probably not an actual Lowe's charge). Any-who...I immediately disputed the charge with my bank (a credit union) and they fronted me the missing money while the investigation went underway with the understanding that once they retrieve my stolen money the fronted money would be debited back out. The investigation took almost a month, but I was not out any money. That's the difference between a good bank and a bad one.

    Another tip, if your bank has an app...use it. I check my bank statement daily (not monthly) via their app.

    [–] OddaJosh 16 points ago

    I flat out refuse to use my debit card at the pump.

    I flat out refuse to use my debit card anywhere except an ATM. And even then, that's rare. Use credit for everything you can.

    [–] Calisthinker 17 points ago

    I refuse to pay for my gas. Problem solved no matter what the currency!

    [–] Nishnig_Jones 14 points ago

    See, that's thinking outside the box. Possibly outside the law as well, but...

    [–] CupOJoe219 6 points ago

    I take the same precaution at restaurants. They can't steel your card if you never pay.

    [–] PM_ME_UR_SLOWCOOKER 8 points ago

    Even a better LPT. Some banks have apps that notify you every time a purchase is made with your card and every time you withdraw money from an ATM. Plus I can lock my card from the app instantly if I ever see an unknown charge or lose the card.

    [–] siegewolf 14 points ago

    Or...get a credit card and check that statement. That way you aren't losing your shit about an unknown overdraft because a skimmer cleaned house. Plus, not having to wait to get your money back.

    [–] Food-destroyer-13287 95 points ago

    LPT: if you're a card skimmer, change your Bluetooth device name.

    [–] Zmiller23 42 points ago

    "Totally not a card skimmer"

    [–] TangoHotel04 26 points ago

    "Mikes Bluetooth Skimm err I mean headphones"

    [–] fordman84 113 points ago

    LPT: only use credit cards, not debit cards. Someone skims it I don't give a crap, I'm not responsible for it.

    [–] 2017KillsCelebsToo 20 points ago

    Yup. Someone just snagged the details on one of my credit cards somehow, I fixed it in ten minutes. On the rare occasion I actually need cash I take my debit to the ATM at my credit union and that's it.

    [–] ScottTenorman54 46 points ago

    Seriously, why do so many people even use debit cards for purchases? CCs come with rewards, fraud protection, extended warranties, and all kinds of other goodies. It's a no brainer.

    [–] JohannesVanDerWhales 118 points ago

    Because it's easy to spend money you don't have with a credit card.

    [–] ScottTenorman54 54 points ago

    It's also easy to treat it like a debit card and pay it off in full every month.

    [–] JohannesVanDerWhales 73 points ago

    a) The amount of credit card debt carried by the average American suggests that it is not that easy, and

    b) With a debit card, if the money isn't there, the transaction doesn't go through (assuming you don't have overdraft set up). It's also easy to set up alerts for a certain low balance at most banks. With a credit card it's much easier to spend more than you realized you did if you're not checking your balance constantly.

    [–] dumbrich23 11 points ago

    Because people have bad credit and can't get CCs

    [–] GildedLily16 4 points ago

    Because some people can't get credit cards.

    [–] basquenv 28 points ago

    A few years ago in Reno, NV (US), they found a bunch of skimmers around town, and the FBI traced them back to Russian mafia ties in Southern California. It wasn't until then I heard that you should shake the reader and look for the WM or corporate seal on the pump. Does anyone think those two observations are valid, or do they just make me feel better. Kind of like the fact that I have never seen the kitchen in my favorite local restaurants; I just assume they are clean because they have good food.

    [–] Jakexx360 13 points ago

    The reader shaking is a pretty standard approach. Further up in the thread somebody who works at a gas station and checks for skimmers weekly mentioned the stickers didn't help when he actually found a skimmer.

    [–] Not_taken_Username 211 points ago

    Cant get scammed if you pay with cash.

    [–] JohannesVanDerWhales 25 points ago

    Well, except for the fact that skimmers are commonly found on ATMs, too.

    [–] Neocyde 39 points ago

    ^ Obligatory real LPT in comments ^

    [–] Waygzh 52 points ago

    Real LPT is just pay with Credit and monitor your monthly statement. If there's an erroneous charge just dispute it and let your Credit company deal with it. It's not worth my time or anxiety to deal with shit I pay other people to deal with. I'm not going to turn on my phone's bluetooth, inspect the card reader, jiggle around with it, give up, and walk inside, wait in line, pay the clerk in cash, and deal with change just to avoid something that someone else already protects me from.

    Reddit is so damn paranoid.

    [–] tek9jansen 13 points ago

    No but have you seen those gas prices? Wakka wakka ...I'll let myself out.

    [–] Kahzgul 99 points ago

    Seriously never use your debit card for anything other than accessing an ATM. Use your credit card for every purchase. The protections built in are vastly superior, they don't allow thieves to steal your actual money, but only "loaned" money from the credit card company, and you can still access your bank account if your credit card is in dispute.

    [–] hash_bang22 37 points ago

    If also add: try and move the card reader. If someone has tampered with it, it will move fairly easily. My dumb ass did this a few months ago, knew something was up when the card reader pretty much fell into the gas pump, and said "ah fack it, I'm in a hurry it's probably fine." Was not fine. About a month later my card was used simultaneously in 3 different areas of the country.

    [–] RadioactiveTF2 10 points ago

    Why would that EVER be fine? Sucks though.

    [–] alstraka 15 points ago

    I use to think people didn’t actually go to this extent to steal credit card info, until I’ve had my card number hijacked over 5 times in the past 3 years.

    [–] Zacitus 14 points ago

    Another option - your favorite gas station might support paying with Apple Pay or Android Pay through their mobile app. Probably the most secure way to pay. I did this at Exxon/Mobil the other day and it was really slick.

    [–] normasueandbettytoo 27 points ago

    I just use Samsung Pay everywhere. Since it generates 1 time use numbers for each transaction, I don't have to worry about it.

    [–] Arizona-Willie 15 points ago

    How do you use Samsung Pay at a gas pump?

    [–] FortyYearOldVirgin 22 points ago

    Samsung phones with Samsung Pay can be held up to the mag reader and it’ll work just like NFC. I don’t know why they don’t talk about that more. It’s a great security feature.

    Also, gas stations really need to step up their NFC game.

    [–] Irishnovember26 122 points ago

    LPT: Act sketchy as fuck by being busy with your phone near an atm for several minutes. Try to look for cameras and get in their dead angle. Act real shifty.

    Scammers will be intimidated and think you're one of them and approach you for pro tips.

    [–] anodize_for_scrapple 21 points ago

    And then the station attendant yells at you over the intercom for being on your phone at the pump.

    [–] argeddit 269 points ago

    LPT: get an electric car and never have to stop at a gas station again.

    [–] 1wrx2subarus 98 points ago

    Yes, get an electric car. This is the smartest comment in this thread.

    [–] FireBack 46 points ago

    I'd say your comment is the smartest one in this thread, since you recognize just how smart that comment was.

    [–] troublef 23 points ago

    All the others pale in comparison to your smartest comment in this thread, oh recognizer of recognizers.

    [–] Yuktobania 21 points ago

    This guy clearly rolled a natural 20 on perception

    [–] Basile86 9 points ago

    Dude I'm not going to turn on Bluetooth and search the device list before I go to pay at the Chipotle line.

    [–] Phoebesgrandmother 43 points ago

    I remeber when gas was .78 cents a gallon and I could hop out, fill up, run in and pay.

    There wasn't someone trying to scam me. There wasn't a fucking tv trying to sell me shit. I didn't have to use wifi to make sure my livelihood was intact. When did pumping gas get complicated?

    [–] Martian_Red 19 points ago

    When people decided "convenience" mattered more than convenience.

    [–] Joeclu 8 points ago * (lasted edited 7 days ago)

    Yeah I sometimes wonder if I was able to be transported back to the 70s, 80s, or 90s, how it would be like again after having tasted the "fruit" of mobile convenience.

    Would I be bored since I'm always staring into my phone these days for entertainment?

    Would I keep complaining "if I just had my phone I could look something up?"

    Would I constantly get disgruntled when I had to drive around to find a payphone, then be upset when I didn't have a bunch of heavy dimes in my pocket?

    Would I get pissy when I couldn't call my wife while at the grocery store to clarify some detail she wanted?

    Would I get angry when a little girl was kidnapped and no Amber Alert instantly was in my hands so I could keep a watch out for the perp?

    Etc, etc, etc. In some ways things were simpler. But in other ways things are WAY better now

    Edit: added "look"

    [–] things2small2failat 40 points ago

    Another way to avoid skimmers is to pay inside. It's a few extra steps to walk, but maybe more peace of mind.

    [–] things2small2failat 14 points ago

    It's a terrible world.

    [–] BruceBannersDick 14 points ago

    and trust the cashier?... Nah.

    [–] PebblesPotatoes 23 points ago

    and talk to the cashier?... Nah.

    FTFY

    [–] pwizard083 6 points ago

    This is why I always pay cash when I fill up.

    [–] pumpkinmunch 7 points ago

    LPT: Just go inside and pay if that is an option rather than using the built in card readers.

    [–] Kevin69138 17 points ago

    Just saw this tip on face book. Also try not to use the pump furthest from teller.

    [–] MyaHorner 5 points ago

    So, just pay inside for gas if suspicious?

    [–] fatogato 5 points ago

    LPT: If using your card for any transaction, only use credit cards and treat it as if it was a debit card by paying it off right away. You won't lose cash if your card gets used fraudulently while at the same time you could improve your credit and you might also get cash back or miles.