diff --git a/clusters/attck4fraud.json b/clusters/attck4fraud.json
index b075bca..5339145 100644
--- a/clusters/attck4fraud.json
+++ b/clusters/attck4fraud.json
@@ -83,6 +83,30 @@
       },
       "uuid": "0e45e11c-9c24-49a2-b1fe-5d78a235844b",
       "value": "ATM skimming"
+    },
+    {
+      "description": "ATM Shimming refers to the act of capturing a bank card data accessing the EMV chip installed on the card while presenting the card to a ATM. Due to their low profile, shimmers can be fit inside ATM card readers and are therefore more difficult to detect.",
+      "meta": {
+        "detection": "Inspection of motorised card slot for the presence of unrecognised devices; Visual evidence of tampering with the ATM.",
+        "examples": [
+          "Shimmer device found inside a Diebold Opteva 520",
+          "Shimmer installed inside point-of-sale terminals at Coquitlam"
+        ],
+        "external_id": "FT1004",
+        "kill_chain": [
+          "fraud-tactics:Initiation"
+        ],
+        "mitigation": "Cover the numerical input pad while entering the PIN (customer); Avoid self-standing ATMs in isolated areas (customer); Anti-skimming technology: metal detection for card readers, card jitter motion (enterprise); verification of transaction using the codes generated by the EMV chip (enterprise).",
+        "refs": [
+          "https://krebsonsecurity.com/2015/08/chip-card-atm-shimmer-found-in-mexico/",
+          "https://www.cbc.ca/news/canada/british-columbia/shimmers-criminal-chip-card-reader-fraud-1.3953438",
+          "https://krebsonsecurity.com/2017/01/atm-shimmers-target-chip-based-cards/",
+          "https://blog.dieboldnixdorf.com/atm-security-skimming-vs-shimming/"
+        ],
+        "victim": "end customer, enterprise"
+      },
+      "uuid": "469d22c1-7a73-4034-a449-74db7f021255",
+      "value": "ATM Shimming"
     }
   ],
   "version": 1