On a sunny Sunday morning, Jose, Maria, and their three children head out to the countryside for a late summer picnic. They soon locate what appears to be a perfect spot to settle down: a nicely shaded area under a willow tree. They place a sheet on the grass and proceed to share the fresh food. It doesn't take long for the local flies to notice the hungry family. Attracted by the sweet smell, a pack of little buzzers rushes in and does what flies do best: annoy people. Their activity now threatens to ruin the day for the entire family.
Luckily, Maria pulls her secret weapon from the bottom of the picnic basket. She opens a jar of honey and places it a few steps away from the gathering. The buggers soon realize that free honey is a much better deal than fighting for crumbs, so they head toward the jar, leaving the family alone.
End of the story.
What's a honeypot?
A honeypot is an attraction point: a trap under the guise of a desirable object or location used as bait. The honeypot scheme is meant to attract, divert and often trap bugs and other creatures (even humans) which are deemed inopportune and undesirable.
In the context of computer security, a honeypot is "a computer security mechanism set to detect, deflect, or, in some manner, counteract attempts at unauthorized use of information systems."[1]
In the world of email marketing, a honeypot is a mechanism that allows marketers and publishers to identify spammers and other electronic annoyances, and to block them before they become a security threat. The honeypot scheme operates as follows:
A specific email address is configured for the sole purpose of baiting spammers and other robotic annoyances. The address is then planted across forums and websites, waiting to be harvested. Since that honeypot email isn't used for any "real" activity, anyone or anything that uses the address is necessarily a miscreant entity. Those spam emails can, therefore, be flagged and locked out.
A variation of that mechanism consists of re-activating email addresses that were closed or abandoned for a long time. The email addresses of ex-employees or outdated services can be useful for that purpose. Again, the principle applies: anything that still uses those addresses can be blocked by a firewall and treated as spam.
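The two trap types described above (a planted address and a re-activated one) can be sketched as a small filter. This is an added example, not code from the original article; the trap addresses, sample messages, and function names are all constructed for illustration.

```python
from email import message_from_string
from email.utils import getaddresses, parseaddr

# Hypothetical trap addresses (constructed for this example).
TRAPS = {
    "contact-7f3a@example.org": "pristine",  # planted on web pages, never used for real mail
    "j.doe@example.org": "recycled",         # closed mailbox of an ex-employee, re-activated
}

# Constructed sample messages.
SAMPLE = [
    "From: Promo <deals@bulk.example>\nTo: Contact-7F3A@example.org\nSubject: Win big\n\nhi",
    "From: deals@bulk.example\nTo: alice@example.org\nSubject: Last chance\n\nhi",
    "From: bob@partner.example\nTo: alice@example.org\nCc: carol@example.org\nSubject: Invoice\n\nhi",
    "From: news@old-list.example\nTo: alice@example.org, J.Doe@example.org\nSubject: Weekly\n\nhi",
]

def sender(msg):
    # Assumption: key on the From header for brevity. It is forgeable; a real
    # filter would normally key on the connecting IP or an authenticated domain.
    return parseaddr(msg.get("From", ""))[1].lower()

def recipients(msg):
    # Collect To and Cc addresses, lower-cased so matching ignores case.
    headers = msg.get_all("To", []) + msg.get_all("Cc", [])
    return {addr.lower() for _, addr in getaddresses(headers) if addr}

def trap_hits(raw_messages, traps=TRAPS):
    """Map each sender that mailed a trap to the set of trap kinds it hit."""
    hits = {}
    for raw in raw_messages:
        msg = message_from_string(raw)
        for rcpt in recipients(msg) & set(traps):
            hits.setdefault(sender(msg), set()).add(traps[rcpt])
    return hits

def classify(raw_messages, traps=TRAPS):
    """Flag every message from a trapped sender, including mail to real users."""
    hits = trap_hits(raw_messages, traps)
    verdicts = []
    for raw in raw_messages:
        msg = message_from_string(raw)
        s = sender(msg)
        verdicts.append((s, msg["Subject"], "block" if s in hits else "deliver"))
    return verdicts

if __name__ == "__main__":
    for row in classify(SAMPLE):
        print(row)
```

Note that the second message is blocked even though it was addressed to a real user: one hit on a trap is enough to flag everything else that sender delivers.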
The honeypot scheme described above, also known as a spam trap, is of little use for individuals. However, it is widely used by corporations and organizations that require high levels of security. Just like their counterparts in nature, spammers and robotic hackers cannot distinguish the bait from the real thing and will eventually fall for it.
[1] Honeypot (computing), Wikipedia, https://en.wikipedia.org/wiki/Honeypot_(computing)