Rummaging through rubbish for personal information (dumpster diving)
Retrieving personal data from redundant IT equipment and storage media including PCs, servers, PDAs, mobile phones, USB memory sticks and hard drives that have been disposed of carelessly at public dump sites, given away or sold on without having been properly sanitized
Using public records about individual citizens, published in official registers such as electoral rolls
Stealing bank or credit cards, identification cards, passports, authentication tokens ... typically by pickpocketing, housebreaking or mail theft
Skimming information from bank or credit cards using compromised or hand-held card readers, and creating clone cards
Using 'contactless' credit card readers to …show more content…
into IT equipment located in public places (shoulder surfing)
Stealing personal information from computers using malware, particularly Trojan horse keystroke logging programs or other forms of spyware
Hacking computer networks, systems and databases to obtain personal data, often in large quantities
Exploiting breaches that result in the publication or more limited disclosure of personal information such as names, addresses, Social Security number or credit card numbers
Advertising bogus job offers in order to accumulate resumes and applications typically disclosing applicants' names, home and email addresses, telephone numbers and sometimes their banking details
Exploiting insider access and abusing the rights of privileged IT users to access personal data on their employers' systems
Infiltrating organizations that store and process large amounts or particularly valuable personal information
Impersonating trusted organizations in emails, SMS text messages, phone calls or other forms of communication in order to dupe victims into disclosing their personal information or login credentials, typically on a fake corporate website or data collection form
Retrieving personal data from redundant IT equipment and storage media including PCs, servers, PDAs, mobile phones, USB memory sticks and hard drives that have been disposed of carelessly at public dump sites, given away or sold on without having been properly sanitized
Using public records about individual citizens, published in official registers such as electoral rolls
Stealing bank or credit cards, identification cards, passports, authentication tokens ... typically by pickpocketing, housebreaking or mail theft
Skimming information from bank or credit cards using compromised or hand-held card readers, and creating clone cards
Using 'contactless' credit card readers to …show more content…
into IT equipment located in public places (shoulder surfing)
Stealing personal information from computers using malware, particularly Trojan horse keystroke logging programs or other forms of spyware
Hacking computer networks, systems and databases to obtain personal data, often in large quantities
Exploiting breaches that result in the publication or more limited disclosure of personal information such as names, addresses, Social Security number or credit card numbers
Advertising bogus job offers in order to accumulate resumes and applications typically disclosing applicants' names, home and email addresses, telephone numbers and sometimes their banking details
Exploiting insider access and abusing the rights of privileged IT users to access personal data on their employers' systems
Infiltrating organizations that store and process large amounts or particularly valuable personal information
Impersonating trusted organizations in emails, SMS text messages, phone calls or other forms of communication in order to dupe victims into disclosing their personal information or login credentials, typically on a fake corporate website or data collection form