Featured_[dumpster-diver-prevention]

What is Dumpster Diving Attack and How To Prevent it

Maintaining personal privacy is by no means just taking care of our online activities and monitoring our online presence.

Our physical behaviour in the physical world tends to reveal so much about us. Unknowingly to many, the unwanted trash we dispose of daily may become a treasure trove for someone interested in it.

As the old saying goes, “One man’s trash is another man’s treasure“.

A recent study by the University of Southern Indiana reveals that the average American disposes approximately of 680 pounds (308 kg) of paper waste annually.

These consists of paper bills, invoices, grocery bags, gift boxes, etc.

What is Dumpster Diving

Dumpster diving is the name given to an act of searching through unwanted trash to look for valuables in either physical items that can be produced for monetary profits or in the form of sensitive information about an individual that can be manipulated for identity theft purposes.

What is Identity Theft

Identity theft is a criminal offence in which one accesses the victim’s information without the victim’s knowledge and permission and uses it to commit illegal activities such as fraud and cheating.

This act usually involves impersonation and can also be used to sell this confidential information online for a profit.

One example will be opening new credit accounts under the victim’s credentials and using the victim’s credit card without consent and under impersonation.

What can dumpster divers find in your disposed waste?

A motivated dumpster diver can easily find, and not limited to, the following; 

  • Credit card & bank information
  • Utility bills
  • Insurance policy
  • Health-related information
  • Property notices
  • Any other government letters addressed to you
  • Passwords you scribbled
  • Notes that you had written before (e.g. containing email addresses and account numbers)
  • Your handwriting and signature
  • Your unwanted belongings reflect your interests, personality and character

What are the motivations behind dumpster divers?

A motivated dumpster diver does it for mainly these reasons;

  • For money – criminal activities involving identity theft or buying & selling identities online,
  • For a hobby, for fun, or revenge,
  • For corporate espionage and business intelligence purposes,
  • For finders-keepers mindset – finding valuables to keep or to sell for profit,
  • For survival – finding food and other necessities,  
  • For the love of the environment – helping to recycle and reuse materials properly,
  • Either a combination of all of the above.

Doing this for monetary purposes is often the primary motivation here. It does not matter if you are neither a famous nor a wealthy personality.

The sole purpose here is to gain as many real identities as possible for their first step. After that, they find how to make money in the later stages will come naturally. There are also dark markets online to buy and sell real identities.

What are the implications of a dumpster diver holding to all my sensitive information?

For credit card information, your full real name, residential address, actual bank account number and daily purchasing habits are now openly displayed for a dumpster diver. 

They may use this information for impersonation when calling the bank, for example, to change a new credit card towards a new residential address of their choice. 

The bank may ask for more details for verification, and the rest of the information you disposed of is crucial here. 

Insurance policy often details your date of birth and age. It also describes your health declaration. Coupling this with hospital and clinical letters, a good dumpster diver can depict a fuller picture of your profile. 

Professional dumpster divers will take what they find in your trash to another level. It is now easier to find you online using open-source intelligence (OSINT) techniques since they have all the necessary information.

These include your photo, interests, employment, and network of friends. With all these, impersonation through identity theft happens naturally from this point onwards.

How to prevent identity theft from dumpster diving?

Here are the four (4) ways you can use for prevention.

1. Convert all physical letters into electronic bills whenever possible

Nowadays, almost all banks and government bodies will encourage people to go green and offer paperless e-statements to their email addresses.

Sometimes, you may even be offered discounts and pay less if you opt for e-statements. So make fair use of this opportunity to go green and go private at the same time.

Ensure you have a reliable email address so you will not lose it.

2. Never dispose of letters that contain your unique identifier

It is highly advisable to keep them at home and avoid the convenient act of disposing of them in a trash bin as long as it contains your unique identifier.

The simple act of tearing away papers using bare hands will tell you that this method is reconstructable for a motivated dumpster diver.

It would be best to have a small reliable shredding machine at home.

3. Proper shredding of papers that contain sensitive information

In workplaces, we often see shredders and are continually encouraged to use them, especially for sensitive documents.

This practice also applies to our home environment, where we store personal documents containing our self-identity details. 

Every home should have a decent portable shredder for our daily use.

These shredders can handle paper documents, and most can also take in plastic materials such as CDs, DVDs and credit cards.

4. Engage a professional shredding company for those items that are hard to destroy

Depending on your documents’ location and size, it may be best to store them without discarding them for some time and call your professional shredding company to come down to perform a mass shredding exercise.

You can take the opportunity to dispose of bulky items, such as shredding voluminous files and even books.

Leave a Comment

Your email address will not be published. Required fields are marked *