COSTA MESA (CBSLA) — Visa warned customers Monday after learning that cyber crime groups were actively exploiting a weakness in gas station networks to steal customer credit card information.

“A lot of times, not only the government, but businesses critical underrate and under-utilize cyber security,” one customer said.

The new scheme involves accessing the gas station’s point-of-sale networks through malicious emails that then install scraping software to exploit the lack of security with cards that lack a chip.

At least one gas station manager said lately a handful of customers had called to complain that they were charged for gas they didn’t buy.

“They’ll be saying stuff such as, ‘OK, I pumped this many amount of gas, but I was charged for this much,” Anthony Vallejo, a gas station manager, said.

The issue does not seem to affect newer cards with chip, but most gas stations still allow people to swipe their cards since not every card has a chip.

“When you are just inserting the chip, you are given more security,” Vallejo said.


But for those who swipe their card, the data is sent in an un-encrypted form to the vendor’s main network where the thieves have figured out how to intercept it.

“It’s a little bit crazy,” one customer said. “I hope they don’t steal from me.”