Friday, February 19, 2016

Baiting...

You arrive at work and find a USB flash drive (“memory stick”) lying in the parking lot…

What should you do?

1. In order to determine if someone in my department lost this, I’d plug it into my computer and view contents of the files on it, which might help me find its owner.
2. I’ll hand this off to my IT support person. I won’t plug it into my computer, since I don’t know where it came from and what is on it.


The Answer: #2. “Baiting” is a common method for an attacker to gain access to a computer or a network. They use physical media and rely on the curiosity or greed of the victim. When the files on the device are opened, malware is executed and attempts to take control of the victim’s computer.

What to do: Have unclaimed found media inspected by your IT support personnel. Like unexpected emails, don’t trust media found in unexpected places.


No comments:

Post a Comment