A user's workspace can also provide a cornucopia of information, and sorting through the workspace is usually more sanitary than the user's trash can. Sticky notes are again a prime target. These notes are generally stuck to easily visible objects, such as the monitor, keyboard, telephone, blackboard, cubicle wall near the computer, etc. Documents and user files are also susceptible. Often, even employees who conscientiously shred critical documents during the proofreading stage leave current versions on their desktop or in an unlocked drawer, thinking that they'll be safe as long as no one knows the documents are there.
Users often don't engage their screen saver or cable lock when they step away from their machine. This allows a hacker to use the employee's computer and the network with all the user's permissions and access rights. Some employees think they're safe because all their applications need passwords; however, the computer's cache often has a convenient store of all recently used passwords, web sites visited, cookies, and anything else the hacker may need to exploit the user's network access. This is a major reason why systems should not be allowed to cache such information. Without a cable lock, it may be possible for someone to merely walk off with the computer, especially when all computers and laptops look alike and rarely have distinguishing features on the surface.
Desktop Hacking = Spying
Evaluating the security posture of your coworker's desktop is a more sensitive matter than exploring his or her trash. Desktop social engineering usually is done during the day while the employees are in the office but away from their desks. Can you recognize the following behaviors from someone at your business?
The social engineer wants to catch desk drawers and file cabinets open and papers spread out. This requires some of the same skills used in spying: Be silent, observe everything, and don't get caught. There are many approaches: Walk around the office space and find out which people don't lock their desks when leaving for lunch or meetings. See who takes long coffee breaks. Find out which employees never lock their desks, leaving their files and possessions vulnerable to prying eyes and hands during or even after hours. They're prime targets.
It's worth visiting the selected targets' offices or cubicles before going back to gather information in order to case out the workspace. Identify where the subjects keep their papers and sticky notes. See if you can spot a posted password. Identify any lockable drawers left unlocked. When reviewing an office space, keep a lookout for any video surveillance cameras in use. In such a case, it's not good to sit at the employee's desk or to take any sticky notes or papers. Survey the workspace from a distance, or stand as if you're waiting for the employee to return. Just be ready with a believable cover story in case your presence is questioned.
Once you're familiar with the target's workspace, go back when he or she isn't around and quickly go through your target list, collecting information. If you feel that the user may not miss a particular document for a while, borrow it to photocopy and return. Take the copy home and read it at your leisure.