Security & Fraud

ALDI Stores Hit With Credit Card Skimmer

ALDI, the grocery store operator, is being targeted by scammers who are installing credit card skimmers on top of point-of-sale terminals in plain sight.

According to news from TechCrunch on Thursday (Feb. 8), police in Lower Pottsgrove, Pennsylvania, have pinpointed a group of thieves as the culprits. They’ve been installing camouflaged skimmers on ALDI credit card terminals right in front of surveillance cameras. Because the skimmers look exactly like legitimate credit card terminals, employees and customers alike have been tricked.

In a blog post covered by TechCrunch, security researcher Brian Krebs said ALDI has yet to install chip-enabled credit cards, even though the company accepts mobile contactless payments, including Apple Pay and Google Pay.

“This is important because these overlay skimmers are designed to steal card data stored on the magnetic stripe when customers swipe their cards,” Krebs wrote.

While there is little recourse for unsuspecting ALDI customers, one startup is aiming to help consumers when they fill up their vehicles at the gas pump. In the fall, Sparkfun created a new mobile app that sets off an alarm if a skimmer is nearby. The app, dubbed Skimmer Scanner, looks for Bluetooth transmissions, talks to the source and determines whether it’s a skimmer or not, reported Forbes. If the app detects questionable behavior, it will send an alert to your smartphone.

The company behind the app has worked with law enforcement agencies and has a deep understanding of how skimmers behave. Skimmer Scanner, which works primarily on skimmers installed at the gas pump, can be downloaded at the Google Play store. There isn’t an iOS version yet, however.

The new app comes at a time when gas station-installed skimmers are growing in popularity among hackers. According to media reports earlier this summer, police have discovered a new credit card skimmer that connects to the inside of a gas station pump and is able to send stolen data via SMS.



Digital transformation has been forcefully accelerated, but how does that agility translate into the fight against COVID-era attacks and sophisticated identity threats? As millions embrace online everything, preserving digital trust now falls mostly on banks and FIs. Now, advances in identity data and using different weights on the payment mix afford new opportunities to arm organizations and their customers against cyberthreats. From the latest in machine learning for fraud and risk, to corporate treasury teams working in new ways with new datasets, learn from experts how digital identity, together with advances like real-time payments, combine to engender trust and enrich relationships.