If you want to listen to our past podcasts, hit up our Podcasts Page and download the latest episodes.
Our good friends at CSI Tech just put their RAM ANALYSIS COURSE ONLINE – FINALLY.
The course is designed for Hi-Tech Crime Units and other digital investigators who want to leverage RAM to acquire evidence or intelligence which may be difficult or even impossible to acquire from disk. The course does not focus on the complex structures and technology behind how RAM works but rather how an investigator can extract what they need for an investigation quickly and simply.
ATM skimmers that steal card payment and PIN data aren’t a new phenomenon, but the scam is increasing in regularity. A Google News search revealed over 1700 articles about skimmers in the past thirty days, and there are probably thousands out there that haven’t been discovered yet. Some of the skimmers are custom-made faceplates that attach over the existing reader and look exactly like the real components underneath. Another type, called an insert-skimmer, is an extremely thin reader that thieves can insert inside the card reader. Unlike the overlay skimmers, which may be found by jiggling the ATM pieces, the inserts can only be detected by a maintenance employee doing an internal inspection. Recently a newer interception device was discovered in Europe. Fraudsters actually drill a small hole and insert wires to the card reader internally, then cover the hole with an official-looking decal. All of these are coupled with a pin-hole camera mounted on another part of the machine, which is then used to capture the target’s PIN.
Being skimmed at the gas pump and retail outlets
Thieves have started adding skimmers to gas pumps and other point of sale (POS) systems recently. There have been over 300 discovered in Florida gas pumps this year already! Most skimmers at gas pumps are installed inside the pump, and some fraudsters are using fake security tape to mask the tampering. At POS terminals, criminals use a lookalike overlay that they can easily snap on top. Krebs did a really good write-up on spotting overlay skimmers by comparing the dimensions to normal ones.
How thieves are retrieving the data
Originally, skimmed data could only be obtained by retrieving the skimmer from the machine, and many still operate in this manner. It’s riskier for the criminal to return to the scene again, so many have devised ways to retrieve the data remotely. The most sophisticated devices have GSM built in and send encrypted texts of the card and PIN data to the criminals. Others have Bluetooth capability and transmit to the criminal’s phone when they connect nearby, or transmit to a device hidden somewhere in proximity.
How you can protect yourself
At gas pumps and POS outlets:
Use well-lit pumps closest to the store, as they are more easily monitored by staff.
Report any signs of suspicious behavior or tampering immediately. Look for intact security tape.
Use cash or pay inside when you can.
Hide your PIN from view by covering the PIN pad with your free hand.