Just over a month after the FBI began warning global banks to be on the lookout for the “Unlimited” ATM Cashout Blitz attacks that could drain the machines of all their holdings, the Secret Service is warning financial institutions of a surge in ATM "Wiretapping" attacks.Also known as eavesdropping, the advanced skimming techniques were spotted in Europe as far back as 2014 and involve an attacker drilling a relatively large hole in the front of an ATM to install an internal card skimming device along with either a pinhole sized camera or a false keypad, to steal user PINs, according to KrebsOnSecurity.
The hole is then concealed with a false plate often displaying the bank’s logo. This type of skimming attack is often harder to detect as since the devices are embedded in the machine making them harder to spot.
To defend against these attacks, researchers recommend users always pay attention to the ATMs they use and look for signs of tampering, use machines in well trafficked places rather than those that are secluded, and always cover their hand and key pad while entering their PIN.“Sure, there is still a chance that thieves could use a PIN-pad overlay device to capture your PIN, but in my experience institutions these are far less common than hidden cameras (and quite a bit more costly for thieves who aren’t making their own skimmers),” KrebsOnSecurity said. “Done properly, covering the PIN pad with your hand could even block hidden cameras like those embedded in the phony PIN pad security shield.”
There are many ways to do DevSecOps, and each organization — each security team, even — uses a different approach. Questions such as how many environments you have and the frequency of deployment of those environments are important in understanding how to integrate a security scanner into your DevSecOps machinery. The ultimate goal is speed […]
It’s Cybersecurity Awareness Month, but security awareness is about much more than just dedicating a month to a few activities. Security awareness is a journey, requiring motivation along the way. And culture. Especially culture.That’s the point Proofpoint Cybersecurity Evangelist Brian Reed drove home in a recent appearance on Business Security Weekly.“If your security awareness program […]
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
