Baiting is a social engineering attack where victims are lured with a false promise to trick them into sharing confidential information. Baiting relies on either greed, fear, or curiosity and can be done both physically, or online.
Example:
Linda, an attacker, strategically leaves a USB drive labelled “Confidential Company Report” in a public area. Carl, unaware of the potential danger, finds the drive and inserts it into his computer. The malicious program contained within the drive infects Carl’s system, allowing Linda to stealthily steal sensitive data.
Prevention Tips:
- Don’t pick up or use unattended objects, especially USB drives or other electronic devices.
- Be cautious of clicking on unknown attachments or downloading files from untrusted sources.