Advancing Associations

CPG & The Coach Alliance Partner For Winter Webinar Series

12th Dec 2024

CPG & Sportsbox AI Unite to Enhance Training & Education

13th Nov 2024

GolfSixes League Debuts in China Alongside the Hainan Open

18th Oct 2024

Golf Genius Release Major Upgrade to its Tournament Management Product With Event Dashboard+ Feature

10th Oct 2024

Golf Genius Launches Off-Course Technology for Indoor and Entertainment Golf

4th Sep 2024

Olympic Officiating – Inside the Ropes with Christiane Stenger

13th Aug 2024

Rai Claims Maiden PGA Tour Victory With Trusted MacWet Gloves

13th Aug 2024

PING advances Prodi G Junior Clubs; Introduces Junior Custom-Fitting App

16th Jul 2024

Glenmuir Unveils SS2025 Collection: A Tribute to Heritage and Innovation

16th Jul 2024

How to Successfully Implement Technology Within a Golf Operation

2nd Jul 2024

CPG Team Take On 100 Hole Challenge for the Ryder Cup Trust

17th Jun 2024

DP World Tour, The R&A and PGA Tour Launch Global Amateur Pathway

4th Jun 2024

Successful GolfSixes League Grows Globally

4th Jun 2024

Kipp Popert & Daphne van Houten Take G4D Open Honours

18th May 2024

5 Pre-Season Steps for Your Golf Shop With Golf Genius

30th Apr 2024

Golfbidder Pro Expansion – B2B Pricing Tool Now Available to All of Europe

25th Apr 2024

PING Putter Line Expands With Six New Premium Models

23rd Apr 2024

Abu Dhabi GolfSixes League Grand Final Won by Abu Dhabi City Golf Club Juniors

22nd Apr 2024

PING Announced as Supporting Partner of PGA Women’s Championship of Canada

5th Apr 2024

Dr Mark Bull 3D Biomechanics Seminar – 06-07 MAY, Austria

1st Apr 2024
load more

Dumpster Diving is a Filthy Business5 min read


Posted on: 9th Oct 2021

ESET is a CPG Business Partner and member of the Business Club by CPG – Find out more here

Is your business a serial shredder, tending not to think about what personal data is thrown in the waste? Have you ever thought what a cybercriminal could do after simply going through your rubbish? Now that online ordering of golf clubs, apparel and other goods and services in golf is becoming a regular way of life, the scope to be throwing away sensitive information is massive, and criminals are well aware of this treasure trove of information right on your kerbside.

Like most people around the world, since COVID-19 I started to become very good friends with my local delivery drivers as the number of items I received in the post and by a delivery service dramatically increased. From groceries to everyday supplies, my wife and I really started to buy virtually everything online.

Online shopping has come a long way in the past few years and there isn’t much that can go wrong when using reputable websites and shops with great reviews, right? Well, I’m afraid I’m about to draw your attention to yet another potential problem you need to be aware of and remain cautious.

READ ALSO: On course for a good hacking 

Your personal data is extremely sought after by malicious actors and it needs to remain private, or at least as private as you can make it. You need to be very careful of how you dispose of any sensitive data, since you never know who might just end up looking at it, including what you’ve bought online and other details that are on the paperwork that may be cast into the recycling.

I recently received a parcel and to my absolute astonishment my phone number was on the outside of the parcel, something I hadn’t seen before. Not only might this be a data protection faux pas; I wondered if cybercriminals could take advantage of this and what they could possibly achieve by joining the dots with the criminal underworld and previous data breaches and scrapes. After all, when Facebook admitted earlier this year that 533 million phone numbers were now searchable on the internet with corresponding email addresses, I thought this was potentially rather damaging.

But what about what is inside the envelopes and parcels and what if any of these contents head to the recycling bin? Assuming intercepting items in the postal and delivery services is difficult without an insider, I fear that many people may in fact just throw away parcel notes and addresses rather than destroy them with a shredder. It is my assumption that even if some people own a shredder, they may primarily use it for financial information and other extremely important documents that are no longer required, instead of using it on envelopes too.

I even hold up my hand as I was previously only shredding apparently sensitive and private information on paper, but then at the same time folding up and placing any cardboard parcels in the recycling pile – often with my address still clearly visible – but now this could contain my phone number, or maybe even an email address?

This parcel with my phone number clearly visible on it came from an eBay seller but it got me thinking about other documents that I receive now on a daily basis. Other receipts I looked at in my house from other eBay users have sometimes included my email address. Looking at some other receipts of mine – a few, including from a few independent online shops and a major shoe company – included my email address and phone number.

None of my Amazon parcels from the Amazon warehouse have ever included any more personal information in the paperwork other than name and address but one from an Amazon seller did send my email address written on the paperwork inside the envelope.

With the agreement of my friend James, who is both a good friend and also one of the school dads, I decided to test another recycling bin to see how much information I could piece together on him and his family. James happily allowed me to pilfer through his recycling bin the day before it was left at the kerb, with two weeks’ worth of paper and card in it. In 30 minutes of rummaging I found his or his wife’s name and address 24 times, email address three times and phone number twice. I was even able to profile them and piece together what they were into purchasing – something marketeers and advertisers are really struggling with at the moment due to GDPR – but it soon dawned on me that most people’s bins still remain hackers’ treasure troves!

Trash talk

Your paper and card waste can be worth rather a lot of money to cybercriminals due to the amount of sensitive information and what they can do with further tricks into manipulating people with this information. For example, with your phone number and the receipt of what you have just bought, they could potentially call or text you with an update on the product purchased and request you to visit a website that could then entice you to hand over more information such as a password or payment card details. There is the potential of them being able to then access your shopping accounts and purchase items from any stored cards or, worse still, attempt identity theft.

How else can you stay safe when shopping online?

  • Shred and destroy any personal data before you place it in the trash and don’t forget to check the envelopes/parcels.
  • Use unique, complex passwords and change them if they become compromised.
  • Use multi-factor authentication on all accounts.

RECEIVE FUTURE CPG NEWS

VISIT THE ESET BLOG