What Is a Bait Record?

Bait records assist in the identification of criminal activity related to the improper dissemination of nonpublic information. They work on the same principle as a honeypot in the sense that they appear to contain valuable information but, in reality, exist only to ferret out unauthorized access to information. The fake information attracts its targets in the same way bait does on a fishing line.

No matter how carefully organizations set up their cybersecurity protocols, unauthorized use of information remains a potential problem. Hacking through social engineering, such as phishing email attacks, or through other methods exploits human tendencies to gain access to sensitive information. A ten-year study by Trend Micro found the use of hacking offered criminals the best returns for their efforts. These attacks create vulnerabilities beyond the protection of mechanical tools like encryption or password protection.

Bait records offer an additional line of defense in situations where an unknown security breach exists because they allow the affected entity to trace the unauthorized information back to the person who stole it. These traps are usually set on virtual servers wholly segregated from the rest of the business's data files.

Financial services organizations collect vast quantities of material and nonpublic information about their clients and the products they represent. This information ranges from consumer credit card information and Social Security numbers to upcoming news about substantial events that could affect a firm’s stock price. The U.S. Securities and Exchange Commission (SEC) maintains strict rules about the care and protection of material, nonpublic information because of its links to insider trading, where a trader uses sensitive information not known to the general public to profit off a trade or set of trades.

Bait Records for Employee Use Control

Firms have difficulty protecting material, nonpublic information because some employees may legitimately need access to the data to perform their job responsibilities. Also, authorized users may find it tempting to misuse information in certain situations. The same Trend Micro study found that unhappy employees were the second most frequent route to leaked data. Unhappy or vengeful employees become identity thieves, however, when they do not have a legitimate reason to look up and copy the information. But not all employees are disgruntled and looking for revenge. Employees may innocently leak information without intending to do so.

In theory, a bait record should see significantly less user access than a legitimate file, since no authorized user would have any reason to seek out fake records. Access logs for bait records, then, will contain a narrower set of users consisting only of those who indiscriminately pull data, making the illicit activity easier to discover and prosecute. In other cases, bait records used to commit insider trading or similar crimes will propagate bogus information, making it easier for investigators to target the perpetrators of fraud.

Hacking Tax Professional Records

Tax accountants are prime targets for those wanting to steal private information. Personally identifiable information (PII) is the most common type of data taken. Thieves will steal client records and use that information to file fraudulent tax returns in the following year. The information contained in tax records may also be used to set up credit card accounts and other financing. The Federal Trade Commission (FTC) sets regulations for tax professionals, who must create and use strict security to protect client information, in IRS Publications 4557 and 5293.

For example, a perpetrator attempting to steal credit card and Social Security numbers will likely want to pull as many records off a system as possible. By seeding bait records in the data, firms can track illicit patterns of use. Thieves desire more than just access to financial information. They also look for healthcare, education, and credentialing information.
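
As an added illustration (not part of the original article), the Python sketch below applies the access-log reasoning from the employee-use section and the bulk-pull scenario just described: it reports only users who read a seeded bait record and notes whether that read was isolated or part of a larger pull. The log format, record IDs, user names, time window and threshold are all constructed assumptions.

```python
import csv
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample data: record IDs, user names and timestamps are invented.
BAIT_IDS = {"C-10442", "C-20917"}          # seeded fake client records
ACCESS_LOG = """\
2024-03-04T09:12:05,asmith,C-10001
2024-03-04T09:15:40,asmith,C-10002
2024-03-04T10:02:11,bjones,C-10442
2024-03-04T23:41:00,svc_export,C-10001
2024-03-04T23:41:01,svc_export,C-10002
2024-03-04T23:41:02,svc_export,C-10442
2024-03-04T23:41:03,svc_export,C-20917
2024-03-04T23:41:04,svc_export,C-30555
not,a,valid,line
"""

def find_bait_access(log_text, bait_ids, window=timedelta(minutes=5), bulk_threshold=4):
    """Return {user: finding} for every user who read at least one bait record."""
    events = defaultdict(list)               # user -> [(timestamp, record_id)]
    for row in csv.reader(log_text.splitlines()):
        if len(row) != 3:
            continue                         # skip malformed lines
        try:
            ts = datetime.fromisoformat(row[0])
        except ValueError:
            continue                         # skip unparseable timestamps
        events[row[1]].append((ts, row[2]))

    findings = {}
    for user, rows in events.items():
        hits = sorted({rec for _, rec in rows if rec in bait_ids})
        if not hits:
            continue                         # never touched bait: not reported
        first_hit = min(ts for ts, rec in rows if rec in bait_ids)
        # Distinct records read within `window` either side of the first bait hit.
        nearby = {rec for ts, rec in rows if abs(ts - first_hit) <= window}
        findings[user] = {
            "bait_records": hits,
            "records_near_hit": len(nearby),
            "pattern": "bulk pull" if len(nearby) >= bulk_threshold else "isolated lookup",
        }
    return findings

if __name__ == "__main__":
    for user, finding in find_bait_access(ACCESS_LOG, BAIT_IDS).items():
        print(user, finding)
```

Users who only read legitimate records never appear in the output, which is what keeps the reviewable set narrow.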

The FTC conducted a study in 2017 to determine what happened to leaked consumer data. By creating fake consumer accounts, they were able to track the actions hackers took with the information. The study posted the false data on the dark web on two different dates. The first posting saw illegal activity with the fake information within an hour and a half, while the second posting required only 9 minutes before someone attempted to use the information illegally.