Social Engineering Series: Baiting and Quid Pro Quo Attacks
Today, we are looking at baiting and quid pro quo attacks for the fifth installment in our social engineering series.
Baiting is when the hacker tries to convince the target that s/he has something to gain in this exchange. It’s a classic ‘trojan horse.’ Infected USB drives are left in public places, or in parking lots of targeted businesses. The hope is that an unsuspecting person will take to their computer. Or, an online version is a link on the web that promises something the user may want.
A Quid Pro Quo Attack is similar to baiting and pretexting. This is when someone poses as an IT technician, who wants to help you with your pc troubles, “troubles” you may not have even known you had—because you don’t. These can appear as pop-ups on your machine stating that you need to call a number to fix a problem. Sometimes they pose as employees of well-known tech companies. Know that companies will not contact you via a pop- up or phone call to solve a pc problem.