Updated: Jul 8
In the Social Engineering Arena, hackers often times use a tactic known as ‘baiting’. Baiting is the promise of an item or good (e.g. free music/movie download), used to entice their victims to they surrender their login credentials online.
Not only does baiting target online victims, the tactic also uses physical media such as free flash-drives or CD’s. Hardware infested with a ‘Trojan Virus’, once inserted into a company’s network- connected computer, spreads a malicious code throughout the system. Hackers often distribute infected hardware to employees under the guise of a promotional gift. The items are placed in company’s lobby, with intriguing writing such as ‘Confidential’ or ‘Salary Info’. Notwithstanding the allure of free material offered by unsavory hackers, there are some ways to avoid taking the bait.
The strongest defense against baiting and other Social Engineering Schemes is educating yourself. You should strive to have a strong security culture within your surroundings- office, home etc where every person must consider company security as paramount. Computer software must always be kept up to date, to guard against attacks. When asked for information, consider whether the person you’re talking to deserves the information and watch for questions that don’t fit the pretext- for instance a sudden sense of pressure or urgency is a definite sign. To this end, hackers who engage in Social Engineering Attacks prey off of human psychology and curiosity in order to compromise their target’s information. Hence, we at Tactical Security & Investigation Services implore you to counter these types of attacks with the advise offered.