Advancing Associations

Gord Percy named 49th President of the PGA of Canada

13th May 2022

Golf Genius Software announces new Senior Advisor

29th Apr 2022

“The Experience Was Incredible for the Both of Us” | Gregory Molteni & Carolina Melgrati at ANWA

28th Apr 2022

OPINION: PGA of Slovenia President, Jure Čoh – How Pia Babnik’s Success Could Be a Milestone in Slovenian Golf

28th Apr 2022

Italy’s Saragnese Takes Honours at Inaugural CPG Virtual Series

20th Apr 2022

Golf Pride® Continues to Innovate with New CPX, the Softest Performance Grip Yet

1st Apr 2022

EDUGOLF Partners Focus On Research, Standards and Education at Meeting in Madrid

30th Mar 2022

PING Announces SS22 Men’s Performance Apparel Collection

30th Mar 2022

PING Unveils Most Comprehensive Ever Women’s Range for Spring/Summer 2022

30th Mar 2022

PING introduces Glide 4.0 wedges

16th Mar 2022

Golf Genius Software launches integrated event marketing tool Golf Hub

15th Mar 2022

PING Introduces Tour-Validated PLD Milled Putter Collection

8th Mar 2022

CPG Virtual Series Brings International Indoor Playing Opportunities For PGA Pros

28th Feb 2022

14th ‘Boutique’ BlackSeaRama Pro-Am Set For July

20th Feb 2022

Golf Genius Software Launches Golf Hub

18th Feb 2022

PING Expands Iron Offerings With i525 Players-distance Model

8th Feb 2022

PGA Tour Selects Trackman Tracking and Tracing Solution Beginning in 2022

4th Feb 2022

The PGA of Canada’s Commitment to Safe Sport

7th Jan 2022

2021 President’s Award for Golf Development Recognises EDGA’s Global Impact and Influence

10th Dec 2021

Italians Run Riot to Clinch a Wire-to-Wire Victory in the 2021 International Team Championship

3rd Dec 2021
load more

Dumpster Diving is a Filthy Business5 min read


Posted on: 9th Oct 2021

ESET is a CPG Business Partner and member of the Business Club by CPG – Find out more here

Is your business a serial shredder, tending not to think about what personal data is thrown in the waste? Have you ever thought what a cybercriminal could do after simply going through your rubbish? Now that online ordering of golf clubs, apparel and other goods and services in golf is becoming a regular way of life, the scope to be throwing away sensitive information is massive, and criminals are well aware of this treasure trove of information right on your kerbside.

Like most people around the world, since COVID-19 I started to become very good friends with my local delivery drivers as the number of items I received in the post and by a delivery service dramatically increased. From groceries to everyday supplies, my wife and I really started to buy virtually everything online.

Online shopping has come a long way in the past few years and there isn’t much that can go wrong when using reputable websites and shops with great reviews, right? Well, I’m afraid I’m about to draw your attention to yet another potential problem you need to be aware of and remain cautious.

READ ALSO: On course for a good hacking 

Your personal data is extremely sought after by malicious actors and it needs to remain private, or at least as private as you can make it. You need to be very careful of how you dispose of any sensitive data, since you never know who might just end up looking at it, including what you’ve bought online and other details that are on the paperwork that may be cast into the recycling.

I recently received a parcel and to my absolute astonishment my phone number was on the outside of the parcel, something I hadn’t seen before. Not only might this be a data protection faux pas; I wondered if cybercriminals could take advantage of this and what they could possibly achieve by joining the dots with the criminal underworld and previous data breaches and scrapes. After all, when Facebook admitted earlier this year that 533 million phone numbers were now searchable on the internet with corresponding email addresses, I thought this was potentially rather damaging.

But what about what is inside the envelopes and parcels and what if any of these contents head to the recycling bin? Assuming intercepting items in the postal and delivery services is difficult without an insider, I fear that many people may in fact just throw away parcel notes and addresses rather than destroy them with a shredder. It is my assumption that even if some people own a shredder, they may primarily use it for financial information and other extremely important documents that are no longer required, instead of using it on envelopes too.

I even hold up my hand as I was previously only shredding apparently sensitive and private information on paper, but then at the same time folding up and placing any cardboard parcels in the recycling pile – often with my address still clearly visible – but now this could contain my phone number, or maybe even an email address?

This parcel with my phone number clearly visible on it came from an eBay seller but it got me thinking about other documents that I receive now on a daily basis. Other receipts I looked at in my house from other eBay users have sometimes included my email address. Looking at some other receipts of mine – a few, including from a few independent online shops and a major shoe company – included my email address and phone number.

None of my Amazon parcels from the Amazon warehouse have ever included any more personal information in the paperwork other than name and address but one from an Amazon seller did send my email address written on the paperwork inside the envelope.

With the agreement of my friend James, who is both a good friend and also one of the school dads, I decided to test another recycling bin to see how much information I could piece together on him and his family. James happily allowed me to pilfer through his recycling bin the day before it was left at the kerb, with two weeks’ worth of paper and card in it. In 30 minutes of rummaging I found his or his wife’s name and address 24 times, email address three times and phone number twice. I was even able to profile them and piece together what they were into purchasing – something marketeers and advertisers are really struggling with at the moment due to GDPR – but it soon dawned on me that most people’s bins still remain hackers’ treasure troves!

Trash talk

Your paper and card waste can be worth rather a lot of money to cybercriminals due to the amount of sensitive information and what they can do with further tricks into manipulating people with this information. For example, with your phone number and the receipt of what you have just bought, they could potentially call or text you with an update on the product purchased and request you to visit a website that could then entice you to hand over more information such as a password or payment card details. There is the potential of them being able to then access your shopping accounts and purchase items from any stored cards or, worse still, attempt identity theft.

How else can you stay safe when shopping online?

  • Shred and destroy any personal data before you place it in the trash and don’t forget to check the envelopes/parcels.
  • Use unique, complex passwords and change them if they become compromised.
  • Use multi-factor authentication on all accounts.

RECEIVE FUTURE CPG NEWS

VISIT THE ESET BLOG