Skip main navigation

New offer! Get 30% off one whole year of Unlimited learning. Subscribe for just £249.99 £174.99. New subscribers only T&Cs apply

Find out more

Defining Dumpster Diving

In this video Lisa Gilbert will explain dumpster diving, explore the main objectives of this type of social engineering attack, and who is at risk.
Hello and welcome to section 1.6 of the attacks course, Dumpster Diving. I’m Lisa Gilbert, and I will be sharing a lot of helpful information so you can understand this type of attack and defend against it. In our discussion of dumpster diving, I will first define dumpster diving and why it’s important to understand and prevent. Next, I will discuss what attackers are trying to accomplish. Then I will explain exactly who is at risk and explore the red flags and warning signs that an attack could take place. We will also explore some of the tactics used by attackers, and I will share real life examples. Lastly, I will describe how you can protect yourself and your organizaton from dumpster diving attacks.
Dumpster diving is a completely low tech physical attack that involves searching through trash for information that could be used in a cyber attack. Remember that one man’s trash is another man’s treasure. Just because you don’t need that credit card statement after you paid your bill doesn’t mean that someone attempting to steal your identity wouldn’t find it very useful. The same is true of your organizaton’s intellectual property or trade secrets. What are attackers searching for in dumpster diving? Keep in mind they are motivated enough to search through your trash, so what they’re looking for must be valuable to them. In the case of a company’s refuse, they may be looking for the full names of employees, business partners, and contractors.
Account login credentials would be considered gold. They may also be looking for marketing information, email addresses of employees, sensitive customer or employee information, company operations information, corporate secrets, medical records, bank statements or other financial information, or technical support logs. The new year is often a treasure trove for dumpster divers because people discard old calendars and journals that may have valuable notes recorded in them. Who is at risk for a dumpster diving attack? Anyone who discards interesting trash would be at risk. What is interesting? All the things listed before. Even private individuals should not discard things like bank or credit card statements, medical bills, et cetera.
On a corporate level, you want to make sure not to improperly discard anything that could put your organizaton at risk.

In this video you will learn more about dumpster diving, to complement your learning from the previous course. We will explore the main objectives of this type of social engineering attack and identify who is at risk.

This article is from the free online

Cyber Security Foundations: Common Malware Attacks and Defense Strategies

Created by
FutureLearn - Learning For Life

Reach your personal and professional goals

Unlock access to hundreds of expert online courses and degrees from top universities and educators to gain accredited qualifications and professional CV-building certificates.

Join over 18 million learners to launch, switch or build upon your career, all at your own pace, across a wide range of topic areas.

Start Learning now