cybersecurity Glossary

What is Shimming?

Although it is a very common legitimate practice in certain industrial processes, shimming is a cyber-scam in cybersecurity. One is based on stealing credit card data stored in the credit card chip. That is a rather sophisticated practice that evolved from the classic theft of card data so widespread during the early 2010s.

The operation of this cyber-scam is simple in its execution but more complex in its development. First, the cybercriminals will need to get hold of a microchip and flash storage, the essential technological material to carry out the attack. The next step will be to insert this device into the ATM slot to defraud all those users who want to withdraw money and consult operations…

If it succeeds, the shim inserted in the slot will copy and store the information of the card inserted in the ATM to later use it for illegitimate purposes.