Attacks & Threats
Baiting
Also known as: USB drop attack
Definition
A social-engineering attack that lures victims with an enticing physical or digital object designed to trigger malware execution or credential theft.
Examples
- An attacker scatters USB drives labelled "Confidential — HR" in a company parking lot, hoping employees plug one in.
- A pirated software download bundles a remote access trojan that runs at install time.
Related terms
Social Engineering
The psychological manipulation of people into performing actions or disclosing confidential information that benefits an attacker.
Phishing
A social-engineering attack in which an attacker impersonates a trusted party to trick a victim into revealing credentials, transferring money, or running malware.
Pretexting
A social-engineering technique in which an attacker invents a believable scenario or identity to manipulate a target into disclosing information or performing an action.
Quid Pro Quo Attack
A social-engineering attack in which the attacker offers a service or benefit in exchange for information or access from the victim.
Drive-by Download
An attack in which malware is silently installed on a victim's device simply by visiting a compromised or malicious website.
Malvertising
The use of online advertising networks to distribute malware, exploits, or scams via legitimate-looking ads served on trusted websites.