Introduction
In this post, you will learn what is dumpster diving and how it works. And a real example of dumpster diving is below this section. They are two types of dumpster diving the general one which is used in normal society the other is used in IT. The same word are in use in different places but the context change.
What is Dumpster diving?
In IT dumpster diving is a type of social engineering attack. Not only in IT generally dumpsterdiving means searching for something valuable in the dump. The Valuable maybe anything here in general society foods for the poor is valuable but we don’t need to talk about that, Let’s see what is IT dumpster diving.
As I said dumpsterdiving is a type of social engineering attack. And mostly this kind of attack is a passive attack. This dumpsterdiving used for gathering information. If you don’t know what is social engineering attack visit here.
Also Read: Privilege escalation and types
How does dumpster diving work?
The straight answer is just jumping into a dumpster, And search for some valuable information or valuable particles and once you find something really worth it is dumpsters divings.
In IT there will be hardware and other IT related papers that will be shredded and put in the dustbin and anyone who sees this can jump inside the dumpster. If the papers are really very confidential then for sure any NSA agent will jump. Just kidding anyone who thinks is valuable will jump.
Once he/she gathers the hardware or the papers they can attach the papers or the hardware can be recovered and he/she can demand ransom or threaten the organisation.
Also Read: What is Ophcrack – Overview
Real-world example:
Have you see BSC (Better call saul), In this series saul goodman. He will jump into a dustbin where a staff dumps some valuable documents. And he takes the document and attaches them together and he gets paid 10000 dollars for taking the case.
The same happened in my life, I had porn videos on my drive and one of my college guys took from the dustbin I threw and demanded ransom.
Also Read: The three security posture
Also Read: Prismdump – Overview