A reader wants the scoop on a new tech term to her: honeypot:

“I am getting goofy emails and it is coming from my companies info@ web site.
This is where customers ask me questions and I can answer them with emails.

I am getting about 10 bogus emails a day. I ask someone who should know about
this and they said it looks like bot traffic spamming our contact form.
They suggested a “honeypot”.
That term is greek to me. Can you tell me how to do a “honeypot”?”


A honeypot is a trap that you set for hackers using some irresistibly sweet bait. In this case, that bait is a fake copy of your network with too-good-to-resist security flaws. Much like police sometimes use bait cars to attract car thieves or vulnerable-looking decoys to draw the attention of muggers.

I wouldn’t suggest attempting to set up your honeypot unless you are already pretty tech savvy. You’ll first need to purchase the appropriate software. What you’ll create is something that appears to be part of your network, but is actually completely walled off and closely watched. You can set this up on a physical or a virtual server, most often a Linux-based server.

The honeypot itself can’t stop the hackers from attacking your actual network, but it can gather important information about them that allows you to enhance your network security protocols by monitoring their behavior and even tracking the keystrokes as they try to steal your data.

If your organization has an IT person or an IT or security consultant, that’s the person to set up a honeypot. For someone with average tech ability, it would be a real challenge.  For an experienced IT person, it’s much simpler. The consultant would also be able to advise you on the best software for your needs and what to do with all of the data collected by the honeypot. A honeypot probably isn’t something you’d use for home.


You can click here for an article on the subject from Hacking Insider that optimistically promises that you can have one set up in an hour. That hour time-frame is intended for someone who already has some pretty strong IT skills.