Speak Asia Online Money Earning: SPEAK ASIA Online Income
Make Money Online & Earn Online Income @ RAM SURVEY
Add me as a friend on FACEBOOK: CLICK HERE to add me on FaceBook

Receive Daily Updates

Enter your email address:

Thursday, July 9, 2009

Social Engineering Techniques: Dumpster Diving

Information that companies consider sensitive is thrown out daily in the normal garbage cans. Attackers can successfully retrieve this data by literally climbing into the company dumpsters and pilfering through the garbage. Information such as names, Social Security numbers,
addresses, phone numbers, account numbers, balances, and so forth is thrown out every day somewhere. I personally know a nationally recognized movie rental company that still uses carbon paper in its fax machine. Once the roll is used up they simply throw the entire
roll in the dumpster. The information on that roll is priceless, including names, addresses, account numbers, phone numbers, how much they actually pay for their movies, and so forth.
Another social engineering attack that also proves to be very successful is when an attacker dresses in the uniform of those personnel considered honest and important or even expensive. For example; an attacker purchases/steals the uniform of a carrier, telephone, or gas or electric employee and appears carrying boxes and/or clipboards, pens, tools,
etc. and perhaps even an official-looking identification badge or a dolly carrying equipment. These attackers generally have unchallenged access throughout the building as employees tend to see through these types of people. When is the last time you challenged
one of these personnel to verify their credentials?
This attack is very risky as the attacker can now be personally identified should he or she get caught. Again, this attack is normally very successful so bear this in mind.
---Regards, Amarjit Singh

1 Visitor Reactions & Comments:

Angel said...

Good post! Just subscribed to your blog. Please keep updating...