mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-29 18:27:19 +00:00
chg: [attck4fraud] ATM Shimming added
This commit is contained in:
parent
779bc4a6a0
commit
2419a33807
1 changed files with 24 additions and 0 deletions
|
@ -83,6 +83,30 @@
|
|||
},
|
||||
"uuid": "0e45e11c-9c24-49a2-b1fe-5d78a235844b",
|
||||
"value": "ATM skimming"
|
||||
},
|
||||
{
|
||||
"description": "ATM Shimming refers to the act of capturing a bank card data accessing the EMV chip installed on the card while presenting the card to a ATM. Due to their low profile, shimmers can be fit inside ATM card readers and are therefore more difficult to detect.",
|
||||
"meta": {
|
||||
"detection": "Inspection of motorised card slot for the presence of unrecognised devices; Visual evidence of tampering with the ATM.",
|
||||
"examples": [
|
||||
"Shimmer device found inside a Diebold Opteva 520",
|
||||
"Shimmer installed inside point-of-sale terminals at Coquitlam"
|
||||
],
|
||||
"external_id": "FT1004",
|
||||
"kill_chain": [
|
||||
"fraud-tactics:Initiation"
|
||||
],
|
||||
"mitigation": "Cover the numerical input pad while entering the PIN (customer); Avoid self-standing ATMs in isolated areas (customer); Anti-skimming technology: metal detection for card readers, card jitter motion (enterprise); verification of transaction using the codes generated by the EMV chip (enterprise).",
|
||||
"refs": [
|
||||
"https://krebsonsecurity.com/2015/08/chip-card-atm-shimmer-found-in-mexico/",
|
||||
"https://www.cbc.ca/news/canada/british-columbia/shimmers-criminal-chip-card-reader-fraud-1.3953438",
|
||||
"https://krebsonsecurity.com/2017/01/atm-shimmers-target-chip-based-cards/",
|
||||
"https://blog.dieboldnixdorf.com/atm-security-skimming-vs-shimming/"
|
||||
],
|
||||
"victim": "end customer, enterprise"
|
||||
},
|
||||
"uuid": "469d22c1-7a73-4034-a449-74db7f021255",
|
||||
"value": "ATM Shimming"
|
||||
}
|
||||
],
|
||||
"version": 1
|
||||
|
|
Loading…
Reference in a new issue