On this episode of the CyberSpeak with InfoSec Institute podcast, Stan Engelbrecht, director of cyber security practice for D3 Security, discusses a scary topic that we’ve been hearing a lot about on the news: the practice of ATM fraud and the implications for other swipe- and chip-based technologies.

In the podcast, Engelbrecht and host Chris Sienko discuss:

  • How did you get started in computers and security? (1:00)
  • When did the recent ATM attacks that the U.S. Secret Service has been warning financial institutions about begin? (4:00)
  • What warnings signs should ATM users be looking for to ensure they’re not putting their account information at risk? (7:20)
  • If you suspect an ATM is compromised, who do you report it to? (10:10)
  • Is the technique known as shimming, which uses paper-thin shims containing embedded microchips and flash storage to compromise payment cards, on the rise? (11:40)
  • Are there any tips for consumers who will be making additional transactions during the busy holiday season? (15:25)
  • Are tap-to-pay systems more or less safe than more traditional methods? (17:50)
  • What are the impediments to universal implementation of safer cards? (19:35)
  • Are newer ATMs better more secure? (20:55)
  • Are their any legislative incentives that could be implemented to make these devices more secure? (24:10)
  • Are there any new technologies or methods that can help secure these devices? (25:10)
  • Is the firmware/software side of the AMT issue being properly addressed? (28:50)
  • Can you tell us a little bit about your company, D3 Security? (31:25)

– Free security awareness resources: https://www2.infosecinstitute.com/free-resources
– Special offer for CyberSpeak with InfoSec Institute listeners!: https://www.infosecinstitute.com/podcast

About CyberSpeak with InfoSec Institute

Get security awareness and IT training insight direct from the trenches in this weekly podcast hosted by InfoSec Institute’s Chris Sienko. Each week on CyberSpeak with InfoSec Institute, IT and security practitioners share their insights into a new topic, including security awareness, IT and security careers and keeping organizations safe from cybercrime.