January 10, 2019

Honey Traps and Board Members

Jonathan Tomes

Jonathan Tomes
President, Consultant/EMR Legal, Inc.

Share This Post

Honey Traps Are Just for Defense Secrets, Right? Wrong!

 

Ok, you, being as wise and experienced as you must be to have become a board member, are not likely to become a victim of a honey trap. But others in the corporations that you serve may be, and a director could certainly be a target of a honey trap, just as a high-level military or other government official could be. So understanding what honey traps are and how to guard against them is important for board members, as well as for corporate security officers.

What is a honey trap? The simplest definition is a technique in which an irresistible bait is used to lure a victim. The Cambridge Dictionary gets more specific: the use of an attractive person to try to get information from someone.1 The traditional honey trap that we think of when we hear the term relates to espionage or defense. But now, it may be a part of corporate spying, politics, or even gang recruitment, as well.

Honey trapping is at least as old as the Old Testament. About 5850 BCE, a beautiful Hebrew widow called Judith seduced Holofernes, a general invading Israel on behalf of Nebuchadnezzar, king of Nineveh and Assyria. According to the biblical Book of Judith, she got him drunk, cut off his head, and “put it in her bag of meat.” She is now the patron saint of Israel’s Mossad agents. But in the Information Age—that is, now called the Digital Age—the honey trap has gotten a lot more sophisticated.

The very recent case of the woman known as Mia Ash is illustrative. Mia was ostensibly 30 years old, beautiful, and an accomplished photographer working in London. She was someone whom almost any middle-aged executive could be interested in. Her social media picture revealed her to be dark-eyed with glossy hair worn in a sexy, tousled style. Her corporate target also had an interest in photography. If he had any suspicions about her, they were allayed by her more than 500 friends on Facebook and hundreds more on LinkedIn, the site that she used to contact him. Her posts revealed her to be well educated, successful in her own photography business, and having many cultural interests. Her social media relationship status was “complicated,” apparently a euphemism for “available.” The only problem was that she didn’t exist, except in cyberspace.

So while the historical honey trap relied on beautiful women making physical contact with their marks, now honey trappers troll the Internet for gullible males with information to steal. And that’s just what Mia did. An international hacking gang spent more than a year crafting her identity to mimic actual photography professionals. Consequently, she was able to honey trap senior officials in sensitive industries in Israel, India, Saudi Arabia, and the United States. Her last score was to ask an executive in the Middle East for a “little favor.” She said that she had to collate information for a photography survey and asked him to complete an Excel spreadsheet on his office computer that she would send him as an email attachment. She represented that the program would seize up if done on a personal computer. But the email was a so-called “Trojan Horse,” which contained malware that was supposed to steal corporate and strategic plans. Fortunately, the company had good security, and its cyber-defenses detected the malware, blocked it, and sent out alarms, resulting in the extinction of Mia’s pixel existence.2

In this regard, psychologists note that, when one shares personal details over the Internet, one’s brains become more quickly addled into believing that one has real intimacy and trust with someone known only online than with a live person. It can be easier to become besotted over the Internet than in real life. Professor Monica Whitty, a cyber-psychologist at the University of Warwick, in London, and the author of Cyberspace Romance: The Psychology of Online Relationships, says, “When you are communicating with someone online, morning, noon, and night, and disclosing precious information about yourself, it’s hard to think that this is not real.”3

So the live, modern Mata Hari is qualified in art history or international relations, works as a translator or an analyst, mixes with professionals on an equal footing, and has affairs with diplomats, NATO officials, and the UN nomenklatura.4 And the virtual one can be anything that will appeal to the target.

In the corporate, as opposed to the intelligence, world, one doesn’t have to betray one’s country be a traitor. Ok, so a corporate executive unwittingly begins an affair with a corporate spy and reveals secrets about the new product that his firm just developed during pillow talk, or the woman5 whom he slept with provides him an envelope or email attachment containing photographs of the two of them in flagrante delicto, along with a note that she will send them to the mark’s wife or post them on Facebook unless he provides a few schematics to her. “Who wouldn’t reveal a few numbers or diagrams to spare your spouse the pain of such photographs? A few pages of notes to protect 50% of your belongings. It’s not like the country is at stake.”6

In 2013, the South China Morning Post reported that executives and engineers at some of Japan’s largest high-tech companies were ensnared in a “honey trap” set by Chinese women working at a Kyoto Hostess Bar. The bar employed eight hostesses who were skilled not just in pouring drinks, but in flattering men’s egos. The women would encourage the men to discuss the new technologies that their companies were developing and the corporate strategies for operating in the Chinese marketplace.7

Apparently anyone, even those who ought to be security conscious, can be a victim of a honey trap. The chief of security at Disney fell for a honey trap scam in a Westin Hotel in South Africa when a woman spiked his drink.8 When he woke up in his hotel room hours later, his credit cards had already been used.

So, granting that the honey trap is not an unheard of technique of corporate espionage, what can we do to prevent it? Well, first, we are not going to recommend administering minocycline, a tetracycline antibiotic, to all male executives. This drug has been clinically proven to facilitate healthy decision-making in human subjects. A recent study showed that minocycline reduces the risk of the “honey trap” during an economic exchange. Males tend to cooperate with physically attractive females without careful evaluation of their trustworthiness, often resulting in betrayal by the female. In this experiment, healthy male participants made risky choices (whether or not to trust female partners, identified only by photograph, who had decided in advance to exploit the male participants). The results show that trusting behavior in male participants significantly increased in relation to the perceived attractiveness of the female partner, but that attractiveness did not impact trusting behavior in the tetracycline group.

Turning to what can realistically be done to prevent honey traps from exposing sensitive corporate information, in his blog, a computer expert says that one must do the following:

  • Remain aware at all times; not just during our formal working hours.

  • Be ever cognizant for something that may seem too good to be true.

  • As banal as it may seem, make an effort to truly understand yourself and know your weaknesses. The better we understand what might entice us, the more difficult it will be for someone to employ a honey trap against us.9

He goes on to outline precautions against being honey trapped:

  • General precautions and multiple considerations when preparing for such an eventuality:

  • Don’t follow that girl. Because much of this article is dedicated to the seduction honey trap, women who may seem especially interested in you or your profession should be treated with extreme caution.

  • Take Favors From No One. Someone who seems overly eager to help you could have an ulterior motive. By seemingly ‘hooking you up,’ they may pressure you to reciprocate, often times using guilt or fear as a motivator.

  • Do your Due Diligence: Whenever possible, attempt to find information about someone who is trying to entice you. A conspicuous absence from the cybersphere, or reluctance to give information about themselves, might indicate a false identity or someone who does not wish to be identified.

  • Observe the room with a critical eye, hone your situational awareness skills, and consider:

  • Don’t follow that girl. Because much of this piece is dedicated to the seduction honey trap, women who may seem especially interested in you or your profession should be treated with extreme caution.

  • Take Favors From No One. Someone who seems overly eager to help you could have an ulterior motive. By seemingly ‘hooking you up,’ they may pressure you to reciprocate, often times using guilt or fear as a motivator.

  • Do your Due Diligence: Whenever possible, attempt to find information about someone who is trying to entice you. A conspicuous absence from the cybersphere, or reluctance to give information about themselves, might indicate a false identity or someone who does not wish to be identified.

  • Take special note of her behavior and demeanor during the exchange and consider:

    • Does she seem overly interested in your work or professional life?

    • Is she suggesting isolation? I.E., going up to her room, your room, or somewhere else private?

    • Does she seem nervous?

    • Is she attempting to make suggestive physical contact, such as touching the knee, playing with your hair, and so forth?

    • Be especially cognizant of someone manipulating your drinks. Do not leave a drink unattended, and be aware of anyone attempting to slip you some type of drug.10

Board members, besides what they may need to take away from this cautionary tale themselves, should consider getting this guidance out to management, and not just top management. A middle-, or even a low-level, manager may have more detailed critical information about, say, a new product, than upper-level management and not have the same inhibitions about sharing it as higher-level management.

In conclusion, honey traps are an effective means of manipulation and fraud. The honey trapper need only determine one’s weakness and then exploit it. Not just defense or political figures are vulnerable to this type of exploitation. It is incumbent upon all of us in the corporate world to know ourselves, our weaknesses, and what someone may have to gain by seducing us. Falling prey not only will compromise us as individuals, but also will negatively impact our businesses and their customers.

1 Cambridge Dictionary, Definition of “Honey Trap,” at https://dictionary.cambridge.org/us/dictionary/english/honey-trap.

2 Pressreader UK, “A Very Modern Honey Trap, Jan. 3, 2019, at https://www.pressreader.com/uk/daily-mail/20170801/281818578909785.

3 Id.

4 Simon Carr, “Why do men still fall for the lure of the honeypot?” Independent, Oct. 22, 2011, at https://www.independent.co.uk/news/uk/politics/why-do-men-still-fall-for-the-lure-of-the-honeypot-2374275.html.

5 Although less common, males have also been used to honey trap other males or females. For example, Jeremy Wolfenden, the London Daily Telegraph‘s correspondent in Moscow in the early 1960s, was gay. So the KGB ordered the Ministry of Foreign Trade’s barber to seduce him and put a man with a camera in Wolfenden’s closet to take compromising photos. The KGB then blackmailed Wolfenden, threatening to pass the photographs along to his employer if he did not spy on the Western community in Moscow. At least at that point in time, exposure through a homosexual honey trap was even worse than a heterosexual one.

6 David Brown, Intelligence, “How to Spot a Honey Trap,” Aug. 28, 2016, at https://news.clearancejobs.com/2016/08/28/how-to-spot-a-honey-trap/.

7 Julian Ryall, “Chinese hostesses catch Japanese hi-tech executives in honey trap,” South China Morning Post, International Edition, Oct. 22, 2013, at https://www.scmp.com/news/asia/article/1336808/chinese-hostesses-catch-japanese-hi-tech-executives-honey-trap.

8 News 24, “Disney security chief falls victim to ‘honey trap’ scam in SA – report,” at https://www.news24.com/SouthAfrica/News/Disney-security-chief-falls-victim-to-SA-scam-Report-20150402.

9 Michael Mancino, “Beware the Honey Trap,” https://mmancinoblog.wordpress.com/2015/04/10/beware-the-honey-trap/.

10 Id.

Share This Post