Control Room: How to survive the Golden Age of scamming

The criminal infrastructure driving today’s biggest identity theft scams

Robert Siciliano didn’t come to security theory by accident. After a childhood experience that sparked his interest in self-defense—and later, a small-business hack that led to thousands in credit card fraud—he dedicated his career to security awareness.

His core belief is simple: all security is personal security. Identity theft prevention starts with individual habits, awareness, and mindset.

Watch the full Control Room episode on YouTube to learn more.

The threats you can’t see

When people think about identity theft scams, they often picture phishing emails or shady phone calls. But some of the most effective attacks happen in the physical world.

Skimming 101

Many U.S. payment cards still rely on magnetic stripe technology, which is far easier to exploit than modern chip-based systems. Criminals take advantage of this with skimming devices—often 3D-printed facades clipped directly over card slots at ATMs or gas pumps.

Hidden cameras, sometimes mounted nearby or disguised as part of the machine, capture PIN entries. Once criminals have both the card data and the PIN, they clone cards and drain accounts often after midnight, when detection is slower.

Shimming: Even harder to detect

Shimming is the quieter evolution of skimming. These ultra-thin devices are inserted inside the card slot, making them nearly impossible to spot. They can capture chip data and sometimes pair with keypad overlays to collect PINs.

The stolen data is often transmitted wirelessly via Bluetooth or SMS to criminals waiting nearby.

What You Can Do

There’s no perfect defense for identity theft, but a few habits dramatically reduce risk:

• Use ATMs located inside bank branches whenever possible
• Tug or wiggle the card slot—if anything feels loose or pops off, walk away
• Don’t assume you’ll always see a compromise; many devices are designed to blend in

Why identity theft scams work and why security starts with you

Identity theft scams work because crime is now run like a business. It is specialized, optimized, and scaled while many people still assume, “That won’t happen to me.” Security isn’t a technical issue so much as a personal one, rooted in habits and mindset: slowing down, verifying instead of trusting by default, and noticing red flags before damage is done. Scammers succeed by exploiting something deeply human—trust. As Robert Siciliano’s explains, most people are trustworthy, but a small percentage are not, and they use urgency, fear, empathy, and helpfulness to manipulate without guilt or remorse. Being prepared for that reality isn’t paranoia—it’s control. Just like wearing a seatbelt, identity theft protection is about putting simple systems in place to reduce risk.

Stay one step ahead of today’s scams

Join us every Wednesday at 5 p.m. ET / 2 p.m. PT on the LifeLock YouTube channel for a new episode of Control Room. Each week, we break down emerging scam tactics, explain how fraudsters are operating right now, and share clear, practical steps you can take to protect your identity with confidence.