fbpx
Contact Us

Did You Know The Recycle Bin Doesn’t Actually Delete Anything?

Go Back

Have you heard of dumpster-diving? Well the old saying “One man’s trash is another man’s treasure” sums it up perfectly. Did you know in the US, once you’ve committed something to the trash it is no longer considered private information and is fair game for anyone to peruse? You may not believe it but motivated criminals will happily rifle through our rubbish to acquire sensitive personal information on us if they suspect it might be worthwhile.

Dumpster divers can be a diverse bunch, from the homeless looking for something to eat / drink, petit thieves looking to small-time de-fraud you, to targeted attacks and scams directly intended to strike wealthy individuals. The information gleamed from ‘dumpster-diving’ can assist in stealing someone’s identity or to remotely access your devices.

Paper & Digital Information

This doesn’t apply to just paper-based information either. Imagine throwing away a USB stick, selling a laptop on eBay or donating your printer to a charity shop. All these scenarios are risky as all these devices can provide others with huge quantities of your personal data. Criminals actually buy devices on sites like eBay because they are guaranteed to find sensitive personal information where people haven’t cleansed their devices before selling them. Therefore, in addition to shredding our sensitive paper docs, we also need to shred our electronic information too.

Being pragmatic, unless you have wronged someone recently (e.g. jilted ex-husband or wife) or you are a person of particular interest (e.g. High Net Worth Individual, celebrity, politician, etc.) the likelihood of someone actually going through your bins is low. However, because the impacts of identity theft are life changing, shredding a few pieces of paper and your electronic storage devices when your done with them is well worth the 30minutes per year I devote to it. Fortunately, how we do this for both paper and electronic information is easy!

Still Not Convinced?

You may be reluctant to use one and just take the risk but take a moment to consider the following facts;

  • The UK is the most targeted country for identity theft in Europe
  • Identity theft is one of the most pervasive attacks on you or your family with many victims likening the emotional consequences to sexual assault
  • 7% of the UK population (4 million people) have been victims of identity theft, the average loss for victims is £1,190 and some have lost up to £9,000

Just because you haven’t been a victim of identity theft as yet (that you know of), does not mean it will remain that way. The way this type of fraud is growing, the likelihood it’ll impact you at some point increases each year. Securely erasing your data is one of the best ways to combat it.

Paper-based Information

Get a cheap cross-cut shredder and use it after you’ve read your mail. Straight cut shredders only slice the paper lengthways and a motivated individual could piece it back together again. Cross-cut shredders slice the paper into tiny cubes and therefore make it nigh on impossible to piece back together. Ever tried doing a 1000 piece puzzle of a picture of baked beans? I recommend the Fellowes Powershred M-8C 8 Sheet Cross Cut Personal Shredder, it’s £41.99 and a pretty reliable piece of kit.

Top Tip: Keep a plastic wallet close to wherever you normally open your mail (the kitchen for the Pelter Household!) and file anything that needs to be shredded in there. Periodically, when the wallet is full which for me is about every 3 or 4 months shred it all.

The shredded paper can then be used for packaging come Xmas time! 😀

What do I Need To Shred?

I know other security professionals who advise to shred “absolutely everything”, just to be safe. This is a little excessive. Pragmatically, there are a few types of key information that you should prioritise;

  • Anything with the following on;

o Medical / health information
o Date of birth
o Financial information, for example credit / debit cards, bank or tax statements or details on your investments
o Social security number (US) or national insurance number (UK)
o Information about the IT software or hardware that you use (e.g. software instruction books, technical support logs, etc.). These can be used to understand what inherent vulnerabilities your assets might have and then this can be used to remotely exploit them.

  • Resumes/CVs
  • Personal photos and emails
  • Legal documentation (e.g. letters to your lawyer, house sale, lawsuit, etc.)
  • Old identification cards
  • Credit/Debit cards
  • CDs and DVDs
  • Electronic Information

Electronic Shredding

Electronic shredding (or ‘secure erasure’) is required because when we “delete” data on our devices, it’s actually not fully erased! For example, once you’ve emptied your Recycle Bin (Windows) or your Trash (Mac), it’s actually retrievable by anyone who knows how. Once you clear your trash or recycle bin, all that happens is that that file you think you’ve deleted is marked for deletion – it doesn’t actually get deleted until another file is created and needs that disk space to be saved – this would be weeks/months later!

There are tools anyone can download from the internet that can retrieve data or reverse deleted data that you thought has been erased! This can be a life-saver if you’ve accidentally deleted your dissertation the day before it’s due, but these tools also have much darker uses too.

You need to use a secure erasure tool to ensure the data isn't retrievable. Generally, the types of electronic devices we’ll want to securely erase if we’re selling them or throwing them away are;

  • Personal devices; PCs, laptops, iPads, smart phones
  • Storage devices; USB sticks, external hard drives, backup systems
  • Printers; yes – most modern printers actually keep a record of everything you scan, copy or print
  • Individual Files / Documents; if you only have a small number of sensitive files you can just individually erase them once you’re finished with them. If you think you might need them sometime in the future, securely archive them onto an external hard drive and protect with encryption.

Which Secure Shredder Is Best?

Reminder: for those who aren't familiar with me, I do not have any commercial relationship with any third party products. I recommend products based on merit only.

  • FileShredder (£8) for Mac is awesome as it adds an option to your right-click mouse menu. Great for your day-to-day, erasing files and folders.
  • ProtectStar (£14.10) - great product for all major platforms that is affordable! Provides over 50 erasure options (just select one with a minimum of 7 cycles). It also conforms to a number of international erasure standards , providing a degree of comfort that it’ll do what it says on the tin! Great for erasing whole devices.
  • ShredIt X (free) – the cheaper alternative. A little more clunky and doesn’t hold as many accreditations as the two above but will still do the job for Mac and Windows devices.

Smart Phones & Tablets

Worth a special mention due to the lack of good tools available at present to securely erase them and the vast amount of sensitive information we store on them. With the exception of Apple’s iPhones and iPads, the in-built device factory reset functions should not be relied upon as securely deleting everything. Apple’s iOS devices are OK because all the data on them is encrypted by default and when you choose to "Erase All Content and Settings" the device destroys the encryption keys. So your data is basically still there but it’s encrypted so is as good as erased.

For androids, use DrFone Erase (Android) to securely erase your device or encrypt the internal storage with a long passphrase before doing a factory reset.

Top Tip: our email is one of the riches stores of sensitive personal data that we hold and the vast majority of us keep emails indefinitely without ever bulk deleting them. Always think, if I don’t need it - delete it. Periodically delete your emails (e.g. everything older than 12 or 24 months) or if you think you may need them in the future, export them as an email archive, encrypt them and store them on an external hard drive offline so that the likes of malware cannot compromise the sensitive data stored in them.

Now hopefully you can see the importance of deleting our digital information. If you struggle to get this done, just head over to www.simplecyberlife.com and I’ll be happy to help 🙂

 

Jonny

Founder of www.SimpleCyberLife.com. Cyber security expert, public speaker and entrepreneur.

www.jonnypelter.com

jonny@simplecyberlife.com

Leave a Reply

Your email address will not be published. Required fields are marked *

Hacked Social Media Recovery Handbook!

Pop your email into the form below and we'll send you the link to your free handbook!

We hate spam and won't send you mindless marketing emails. We share some internet safety tips. You of course can unsubscribe at any time.

Free Protection Checklist!

Pop your email into the form below and we'll send you the link to your internet safety protection checklists!

We hate spam and won't send you mindless marketing emails. We share internet safety tips. You of course can unsubscribe at any time.

Free Cyber Bullying Handbook!

Pop your email into the form below and we'll send you the link to your free handbook!

We hate spam and won't send you mindless marketing emails. We share some internet safety tips occasionally. You of course can unsubscribe at any time.

Free I've Been Hacked Handbook!

Pop your email into the form below and we'll send you the link to your free handbook!

We hate spam and won't send you mindless marketing emails. We share internet safety tips. You of course can unsubscribe at any time.

Top