Dumpster Diving refers to the practice of searching through the trash or recycling bins of an organization or individual with the goal of obtaining sensitive or valuable information which can be misused by fraudsters for cyber attacks like phishing, spear phishing, identity theft etc.,

It is a type of social engineering attack that relies on exploiting human vulnerabilities for collecting sensitive information for misuse by fraudsters. This information can include confidential documents, discarded computer equipment, or other physical media that may contain sensitive information, such as passwords, account numbers, or other personally identifiable information.

Examples:

  • Misuse of discarded photocopies of confidential documents PAN card, Aadhar card, Bank pass book copies etc.,
  • Misuse of discarded computer equipment
  • Misuse of expired credit / debit cards,
  • Misuse of bank statement print outs etc.,