Advancing Associations

Wil Besseling and Lars van Meijel join GolfSixes event at KLM Open

25th May 2023

PGA of Italy Elections – Ascanio Pacelli Elected New President

23rd May 2023

Popular GolfSixes Introducing More Young People to Shorter Form of Team Golf

16th May 2023

EDUGOLF Begins Developing New Education and Training Products for the Golf Industry

19th Apr 2023

Spanish Trailblazer, Marta Figueras-Dotti, Recognised With CPG’s Christer Lindberg Bowl

11th Apr 2023

Renowned Spanish Golf Coach Eduardo Celles Wins Prestigious John Jacobs Award

6th Apr 2023

New Quick Guide to the Rules of Golf Released

29th Mar 2023

Pioneering Ólafsson Receives Iceland’s First 5-Star Pro Award

13th Mar 2023

Golf Genius Hits Milestone With Golf Hub

7th Mar 2023

New EDGA Research to Collect Quality Data On How Golfers With Different Impairments Are Affected in Their Ability to Play Golf

6th Mar 2023

PING Signs EDGA Golfer Juan Postigo Arce

6th Mar 2023

Guenther Enters the Winner’s Circle With AESGC International Victory

4th Feb 2023

New «Swiss PGA General Manager» – Ronnie Zimmermann

20th Jan 2023

Research Request: How Coaches Can Provide More Meaningful Learning Experiences for Players

11th Jan 2023

New PING G430 Family Delivers Speed and Distance (and Forgiveness, of Course)

10th Jan 2023

IGPN 68 Goes Live – Spheres of Influence: The Value of the PGA & the Pro

22nd Nov 2022

EDUGOLF Partners Make Progress in Poland

9th Nov 2022

Golf Genius Launches Golf Shop Product for PGA Professionals

3rd Nov 2022

PING Advances Popular i Series With New i230 Irons and iCrossover

26th Oct 2022

Keeping Junior Engagement at the Front of the Mind

15th Oct 2022
load more

Dumpster Diving is a Filthy Business5 min read


Posted on: 9th Oct 2021

ESET is a CPG Business Partner and member of the Business Club by CPG – Find out more here

Is your business a serial shredder, tending not to think about what personal data is thrown in the waste? Have you ever thought what a cybercriminal could do after simply going through your rubbish? Now that online ordering of golf clubs, apparel and other goods and services in golf is becoming a regular way of life, the scope to be throwing away sensitive information is massive, and criminals are well aware of this treasure trove of information right on your kerbside.

Like most people around the world, since COVID-19 I started to become very good friends with my local delivery drivers as the number of items I received in the post and by a delivery service dramatically increased. From groceries to everyday supplies, my wife and I really started to buy virtually everything online.

Online shopping has come a long way in the past few years and there isn’t much that can go wrong when using reputable websites and shops with great reviews, right? Well, I’m afraid I’m about to draw your attention to yet another potential problem you need to be aware of and remain cautious.

READ ALSO: On course for a good hacking 

Your personal data is extremely sought after by malicious actors and it needs to remain private, or at least as private as you can make it. You need to be very careful of how you dispose of any sensitive data, since you never know who might just end up looking at it, including what you’ve bought online and other details that are on the paperwork that may be cast into the recycling.

I recently received a parcel and to my absolute astonishment my phone number was on the outside of the parcel, something I hadn’t seen before. Not only might this be a data protection faux pas; I wondered if cybercriminals could take advantage of this and what they could possibly achieve by joining the dots with the criminal underworld and previous data breaches and scrapes. After all, when Facebook admitted earlier this year that 533 million phone numbers were now searchable on the internet with corresponding email addresses, I thought this was potentially rather damaging.

But what about what is inside the envelopes and parcels and what if any of these contents head to the recycling bin? Assuming intercepting items in the postal and delivery services is difficult without an insider, I fear that many people may in fact just throw away parcel notes and addresses rather than destroy them with a shredder. It is my assumption that even if some people own a shredder, they may primarily use it for financial information and other extremely important documents that are no longer required, instead of using it on envelopes too.

I even hold up my hand as I was previously only shredding apparently sensitive and private information on paper, but then at the same time folding up and placing any cardboard parcels in the recycling pile – often with my address still clearly visible – but now this could contain my phone number, or maybe even an email address?

This parcel with my phone number clearly visible on it came from an eBay seller but it got me thinking about other documents that I receive now on a daily basis. Other receipts I looked at in my house from other eBay users have sometimes included my email address. Looking at some other receipts of mine – a few, including from a few independent online shops and a major shoe company – included my email address and phone number.

None of my Amazon parcels from the Amazon warehouse have ever included any more personal information in the paperwork other than name and address but one from an Amazon seller did send my email address written on the paperwork inside the envelope.

With the agreement of my friend James, who is both a good friend and also one of the school dads, I decided to test another recycling bin to see how much information I could piece together on him and his family. James happily allowed me to pilfer through his recycling bin the day before it was left at the kerb, with two weeks’ worth of paper and card in it. In 30 minutes of rummaging I found his or his wife’s name and address 24 times, email address three times and phone number twice. I was even able to profile them and piece together what they were into purchasing – something marketeers and advertisers are really struggling with at the moment due to GDPR – but it soon dawned on me that most people’s bins still remain hackers’ treasure troves!

Trash talk

Your paper and card waste can be worth rather a lot of money to cybercriminals due to the amount of sensitive information and what they can do with further tricks into manipulating people with this information. For example, with your phone number and the receipt of what you have just bought, they could potentially call or text you with an update on the product purchased and request you to visit a website that could then entice you to hand over more information such as a password or payment card details. There is the potential of them being able to then access your shopping accounts and purchase items from any stored cards or, worse still, attempt identity theft.

How else can you stay safe when shopping online?

  • Shred and destroy any personal data before you place it in the trash and don’t forget to check the envelopes/parcels.
  • Use unique, complex passwords and change them if they become compromised.
  • Use multi-factor authentication on all accounts.

RECEIVE FUTURE CPG NEWS

VISIT THE ESET BLOG