Shimming - what is it?

Mutt

Contents
  • 1. Shimming is a scam technology
  • 2. And how are we?
  • 3. Countermeasures

Shimming is a relatively new type of fraud that is, in essence, a more technically advanced form of skimming. The device that reads information from a bank customer's card at an ATM is thinner than a human hair. It is completely invisible, which allows fraudsters to empty bank "plastic" with practical impunity while remaining unnoticed. According to representatives of Cisco, bank customers lose millions of dollars a year to this type of fraud.

Shimming is a scam technology
Whereas fraudsters previously used bulky overlays on ATMs to read data from the magnetic stripe of the card, shimming devices, unlike skimming ones, are absolutely invisible. They consist of a flexible board (a "shim") that is inserted into the card reader in a very clever way - using a special carrier card. This is how the thin shim is connected to the contacts that read data from the magnetic stripe. After the carrier card is removed, the fraudulent device remains in the ATM and is "ready to use".
When data is entered, the shimmer starts its work and reads all the card data. The thin and flexible pad does not interfere with the insertion of plastic cards, since the shimming device is 2 times thinner than a human hair!
As with skimming, the shim copies information from cards inserted into the slot of the card reader by unsuspecting people, after which the criminals make duplicate cards and use them to empty other people's bank accounts.
Representatives of many banks consider this type of fraud to be a kind of "art" of fraud. But the consequences of such "art" are grim and carry liability in the form of restriction of freedom. This method of fraud is especially popular in European countries.
Among the leading banking networks, the main countermeasure is to create a special electromagnetic field that prevents unauthorized devices from reading card data, thus guaranteeing reliable protection for the owner of the banking "plastic".

And how are we?
According to representatives of banks, this type of fraud has not yet been encountered. No appeals from bank clients in connection with this method of stealing funds from cards have been recorded so far. Skimming remains the main type of card fraud in our country.
Representatives of the UniCredit bank say that today there are great doubts that the shimming technology will take root in the fraudulent environment - it is technically difficult to implement and inherently quite expensive. It is much simpler and more affordable to use conventional skimming pads. Moreover, if there are traditional protection and precautions against skimming (do not write the PIN code on the back of the card, use SMS notifications, use ATMs in crowded places, and visually assess the state of the card reader before inserting the card).

Countermeasures
The shimming device is simply impossible to notice. But it must be borne in mind that, for a fraudster, copying information from the magnetic stripe alone is not enough - he also needs to spy on the PIN code. This is done using miniature cameras or a keyboard overlay. There are also more exotic methods for capturing the PIN code, but in any case, following the recommendations for protection against skimming will help to save yourself from shimming. For example, covering the keyboard with your free hand when entering the PIN code will not allow spy mini-video cameras to record it!
As mentioned above, the introduction and popularization of this method of fraud is just a matter of time, so here you should remember an important rule of success in any business: "Forewarned is forearmed." Therefore, the only reliable protection against shimming today is the use of chip cards. Even if it is possible to copy the information from the magnetic stripe of the card, it is not technically possible to copy the information from the chip. In any case, until today such a variant of fraud has not been recorded in the world.
Another popular recommendation of representatives of banking institutions is to use cards exclusively as payment instruments (to pay for purchases and services in stores), and not for withdrawing cash from ATMs.
Banking technologies do not stand still, and neither do the technologies behind fraudulent schemes. Therefore, it is very important to keep track of current fraud methods in order to take all possible measures in time to protect and save personal funds.
 