I'm being bombarded with ads for RFID wallets. Does RFID card skimming actually happen?

So yes and no (I'm a little bit rusty in this area).

Most of the money involved in "contactless" fraud is due the actual card being stolen. Whilst an attacker can listen and replay your transaction, it is highly unlikely that they can replay it elsewhere and steal money. This is due to security built into the card. If I recall correctly, there has been more success with hijacking payments made via phone payment applications (mainly 3rd party).

Most of the attacks we know about are people harvesting data picked up from work ID cards to be sold later.

This doesn't rule out that an attack can happen as this is still an developing field. If I understood it correctly, an attacker can make a fraudulent purchase if they make it before the original goes through. This would probably require the intended payment method to be compromised as well.

The issue that was noted in the past was the ease of using details skimmed from the card with an online store that omitted the normal card security checks.

Anyway, you are highly unlikely to be a victim here, we are talking 0.1-1% of all card fraud (2015 figures). I'd be more concerned about personal information being stolen from your ID cards and phone itself (via fake wifi access points (Should have been patched by now??)).

/r/AskUK Thread