Home > CAPEC List > CAPEC-406: Dumpster Diving (Version 2.11)  

CAPEC-406: Dumpster Diving

 
Dumpster Diving
Definition in a New Window Definition in a New Window
Attack Pattern ID: 406
Abstraction: Standard
Status: Draft
Completeness: Stub
Presentation Filter:
+ Summary

An adversary cases an establishment and searches through trash bins, dumpsters, or areas where company information may have been accidentally discarded for information items which may be useful to the dumpster diver. The devastating nature of the items and/or information found can be anything from medical records, resumes, personal photos and emails, bank statements, account details or information about software, tech support logs and so much more. By collecting this information an adversary may be able to learn important facts about the person or organization that play a role in helping the adversary in their attack.

+ Typical Severity

Low

+ References
[R.406.1] [REF-30] "The Official Social Engineering Portal". Social-Engineer.org. Tick Tock Computers, LLC. <http://www.social-engineer.org>.
+ Content History
Submissions
SubmitterOrganizationDateSource
CAPEC Content TeamThe MITRE Corporation2014-06-23Internal_CAPEC_Team
Modifications
ModifierOrganizationDateCommentsSource
CAPEC Content TeamThe MITRE Corporation2017-08-04Updated Description Summary, Related_Attack_PatternsInternal
Previous Entry Names
DatePrevious Entry Name
2017-08-04Social Information Gathering via Dumpster Diving

More information is available — Please select a different filter.
Page Last Updated or Reviewed: August 03, 2017