This browser does not support the Video element.
(FOX 2) - But the second you do that, you may be being ripped off. All because of skimmers.
"The consumer does not even see the skimmer that is on there," said David Derigiotis. "The ones at the gas station are actually put on the inside of the machine so, you would never know just by looking at it."
Skimming happens when the crooks are able to open up the gas pump, and put in a reader to grab every single person's credit card number that's swiped.
FOX 2: "How do these bad guys put these devices on in the first place?"
"Unfortunately, it's easier than you think," said Derigiotis, a cybercrimes expert. "You can go online and purchase a universal key, come up to the pump and depending if it's an older one, and open it right up."
Here's what you can do. Grab your cell phone. Go to the blue tooth section and see what comes back.
"There's a little known trick that every person can do," he said. "If it's Bluetooth enabled which a lot of them are these days, you can simply use your phone. Activate your Bluetooth device on your phone and you can look and see if there are any unique letters or numbers as a network string that is tied to a device. That's all you can locate a skimming device."
You'll recognize the Bluetooth connected to cars and the ones that look totally different. Go inside and tell the attendant right away.
And while we're talking about protection, if tire shopping online this week? Create a new email account. Here's Why.
"Use an email address that is unique for your online shopping," Derigiotis said. "That way if something happens to it it will only be tied to those specific sites that you've been shopping with and that all of your other information like your banking or your social media."
And when you're online remember just because a website starts with the "https" doesn't mean it's legit. The bad guys are now using the same one.
"They are using the same exact encryption technology so just because you see that little padlock in the corner, it doesn't mean it is legitimate," he said. "You could be giving away your information to the wrong people."
Check to see where your email address may have been compromised. There's a site called "have I been pwned?" Go to https://haveibeenpwned.com/
There may be a lot of data breaches on your email that was likely involved in a way that you would have no idea. It's just another way to understand your exposure.