In this post, you will learn what baiting is and what the hell it is doing in IT. This post is all about baiting. I have already written a post on what social engineering is, so do check it out.
What is Baiting in IT?
Baiting in IT is a type of social engineering attack. We know the everyday meaning of baiting: suppose you are catching a fish, you need bait, and the same is required in the security industry. But not the fish, just kidding!
Here, instead of a fish, the target is a human, and the bait is a piece of hardware or anything else that tempts the target.
Once the target takes the pen drive, I am sure he/she will plug it into a device to see what the hell it is.
Temptation is a human weakness, and cybercriminals use it as their bait. This baiting social engineering attack is a successful one; even employees of top security agencies have made this mistake.
How does baiting work?
Baiting works by tempting the end user, and the cybercriminals will have some malicious code on the bait (hardware). Once the user takes it and logs in to his administrator account, the game is over!
How to prevent baiting?
To prevent baiting, stop using unknown hardware, rely on trusted software, and verify that the hardware belongs to an authorized person.
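One way to check that plugged-in hardware belongs to an authorized person on a Linux machine, as an added example that is not from the original post: it reads kernel log lines and reports every USB storage device that is missing from an inventory of issued drives. The log lines, the inventory and the function name are constructed for illustration.

```python
import re

# Constructed sample of Linux kernel log lines (dmesg style), not from a real host.
SAMPLE_LOG = """\
[  101.100000] usb 1-2: New USB device found, idVendor=0781, idProduct=5567, bcdDevice= 1.00
[  101.110000] usb 1-2: SerialNumber: AUTH0001
[  101.120000] usb-storage 1-2:1.0: USB Mass Storage device detected
[  250.400000] usb 1-3: New USB device found, idVendor=abcd, idProduct=1234, bcdDevice= 1.00
[  250.410000] usb 1-3: SerialNumber: FOUND-IN-LOBBY
[  250.420000] usb-storage 1-3:1.0: USB Mass Storage device detected
[  300.000000] usb 1-4: New USB device found, idVendor=046d, idProduct=c077, bcdDevice=72.00
"""

# Hypothetical inventory of drives issued to authorized staff: (vendor, product, serial).
AUTHORIZED = {("0781", "5567", "AUTH0001")}

FOUND = re.compile(r"usb ([\d.-]+): New USB device found, idVendor=([0-9a-f]{4}), idProduct=([0-9a-f]{4})")
SERIAL = re.compile(r"usb ([\d.-]+): SerialNumber: (\S+)")
STORAGE = re.compile(r"usb-storage ([\d.-]+):[\d.]+: USB Mass Storage device detected")

def unauthorized_storage(log, authorized):
    """Return (port, vendor, product, serial) for storage devices not in the inventory."""
    devices = {}  # port -> descriptor values seen when the device was enumerated
    alerts = []
    for line in log.splitlines():
        if m := FOUND.search(line):
            # A new enumeration on a port replaces whatever was plugged in there before.
            devices[m.group(1)] = {"vid": m.group(2), "pid": m.group(3), "serial": None}
        elif (m := SERIAL.search(line)) and m.group(1) in devices:
            devices[m.group(1)]["serial"] = m.group(2)
        elif m := STORAGE.search(line):
            d = devices.get(m.group(1), {"vid": None, "pid": None, "serial": None})
            key = (d["vid"], d["pid"], d["serial"])
            # Storage with no serial or no enumeration record never matches the inventory.
            if key not in authorized:
                alerts.append((m.group(1), *key))
    return alerts

if __name__ == "__main__":
    for alert in unauthorized_storage(SAMPLE_LOG, AUTHORIZED):
        print("unknown USB storage:", alert)
```

The vendor, product and serial values are reported by the device itself, so a match is an inventory check and not proof that the drive is safe.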