Gas station payment terminals have many of the characteristics card fraudsters love, McNelley says. "In a gas station, where you have a whole bunch of pay-at-the-pump kinds of things and minimal supervision, it's pretty easy for a bad guy to put a skimming device on, put a little pinpoint camera there, and compromise debit cards that way," McNelley says. Thieves often use small cameras to capture footage of debit card users entering their PINs so they can have free access to their money. She says even if the thief doesn't manage to get your debit card personal identification number, or PIN, from such a device, he still may be able to duplicate the card's magnetic strip, and use it for "sign and swipe" Visa or MasterCard transactions. With the high potential for fraud in pay-at-the-pump debit transactions, it might make sense to use an alternative, such as cash or credit cards, the next time you fill up.
The Web is a risky place. Debit cards are a convenient way to buy products online, especially for those who don't like to use credit cards. Unfortunately, the Web is one of the most dangerous places to make purchases, McNelley says. "Online is the No. 1 place where consumers should not use debit cards," she says. "It's susceptible at so many points. "The consumer could have malware on their computer, so it could be at their endpoint the data get compromised. "It could be a man-in-the-middle attack, where somebody is eavesdropping on their communications via the wireless network. "At the other end, that data goes into a database at the merchant. "As we've seen with some of the higher-profile breach events over the last year or so, that data is going to be vulnerable if not properly cared for."