Credit card fraudsters exploit various methods to capture card information. One of the common methods is to duplicate the credit cards by skimming. In this study, we introduce a new point of compromise detection method in order to trace and identify merchants where the skimming operation took place and card information has been captured by criminals. The proposed method first extracts discriminative features by using principle component analysis(PCA) and Autoencoder extractors and then it clusters similar fraudulent transactions with K-Means algorithm, afterwards it highlights possible merchants that are involved in this scheme by finding matching merchants in the produced clusters with a retrospective analysis of all transactions. Our experiments showed that the proposed method could achieve promising results with zero-knowledge on the existing skimming points. The application of our proposed method on real-life card transactions enabled us to pinpoint 7 out of 9 point of compromise previously identified by the reporting bank.