Baiting is a social engineering technique that cyber criminals use to lure victims by appealing to their greed or curiosity with a false promise.

In the online world, this can take the form of an email telling you that you’ve won a competition or an advert offering you a great deal. In the real world, cyber criminals might leave a USB stick or some other hardware visible to tempt someone to plug it into their laptop. In most of these cases, the bait will likely contain malware that will infect the person’s computer or network. This malware might then be used to steal data or important information that criminals can then use to make money.

Cryptocurrency as bait

Increasingly, cryptocurrency is being used as bait in financial scams. A cybercriminal will use social engineering tactics to convince you to invest in cryptocurrency. As part of this, they might create a fake online persona that gives them credibility as a financial advisor, investor or a crypto specialist. Once you have purchased the cryptocurrency, they will get you to transfer it to them – or hand over the private keys – so that they can ‘invest’ it for you. In reality, they will simply take the money. And because cryptocurrency offers a level of anonymity that other currencies don’t, it is hard to track them down and recover the money later.

How to avoid being baited

To avoid falling victim to a baiting scam, you need to remain aware of the potential dangers that are out there.

  • Always be sceptical of offers that seem too good to be true
  • Never click on links in emails from people you don’t know. Even if you think you know the sender, double-check that the email address is correct
  • Use antivirus software and keep it updated
  • Don’t plug external USB devices into your computer unless you can verify they came from a safe source
  • Educate your employees on baiting techniques to help them avoid becoming victims in future