What is baiting in cyber security attacks? Baiting in cyber security refers to a social engineering attack where cybercriminals lure victims into compromising their systems or revealing personal information by offering something enticing, such as free software, music downloads, or even a USB drive labeled “confidential.” Once the victim takes the bait—by downloading a file or plugging in the infected USB—malware is installed on their device, granting the attacker access to sensitive data. Baiting preys on human curiosity and greed rather than technical vulnerabilities. To prevent such attacks, users should avoid using unknown devices and verify the legitimacy of online offers.