Can you guess what kind of credentials it takes to purchase an automated teller machine online? If you guessed "none whatsoever," you're right! All it takes is a quick look on eBay to see ATMs for sale that anyone could buy. If the seller is irresponsible, the ATM could even retain a list of users along with their personal data [source: Siciliano]. Security flaws have been discovered in some older ATM models, and if they're not updated, it's possible to access their sensitive data with a default administrator password [source: Poulsen].
If hackers or skimmers gain access to the information stored on your debit card's magnetic strip, they may be able to make purchases without bothering to discover your PIN. ATM withdrawals require the PIN number, but online retailers don't need it -- and some of them don't ask for the debit/credit card security codes, either [source: Schwartz]. Skimmers who successfully obtain both your PIN number and debit information will transfer your data to a blank debit gift card, then use it at an ATM to make withdrawals [source: Schultz].
No matter how you look at it, ATM skimming is a serious problem. Between April and May 2009, a skimming operation targeted four Bank of America locations in Long Island, New York, stealing a grand total of $217,000 from 100 to 200 accounts [source: Gardiner]. And while it's important to be wary of skimming, keep in mind that banks like Bank of America will reimburse customers who find their accounts wiped out by thieves wielding skimmers and cloned debit cards.
If ATM skimming is so serious and high-tech now, what dangers do we face with our debit and credit cards in the future? The next evolution for credit cards revolves around RFID tags -- and those can be skimmed, too.