In between bouts of chasing a POODLE around the yard today, my mind wandered into the realm of honeypots, honey drives and honey records. I had an idea about creating fake a employee complete with a workstation, company email account, facebook page and so on.
The fake employee would exist for purposes of detecting spear phish attempts, lateral movement to the workstation, access of the employee’s documents, email accounts and so on. Hence the name “honey employee”. This could serve as a early warning system, and to keep an eye on tactics being used by miscreants trying to worm their way in through the employees.
Is anyone doing this already?