\u201cWe\u2019re probably looking at a 300-percent increase in cases involving hot foreign spies, sex, and dating in the last year over the previous year,\u201d says T. Casey Fleming, CEO, BLACKOPS Partners Corporation, a management consulting company on security to the Fortune 500.That 300-percent represents 20-cases in total, accounting for only the smallest fraction of the estimated thousands of cases that go undiscovered each year, says Fleming. \u201cOf the 20 cases we saw in the past year, the three largest represented many billions of dollars in stolen innovation and trade secrets,\u201d says Fleming.If you agree it\u2019s high time to clip the high cost of foreign spies, follow CSO under cover and learn the tools and methods these culprits use to bait and hook high-value employees and bleed your organization dry of data. With help from information soldiers who protect corporate assets on the front lines of data theft, you\u2019ll learn offensive techniques to thwart their alluring approaches.The TargetsForeign spies target companies with treasured trade secrets, some in the UK and more in the US. The activity spans all industries. \u201cMost recently the attacks have been specifically against the technology, finance, healthcare, energy, and defense industries,\u201d says Fleming.People targeted include sysadmins, executives, and really anyone with a lot of data access. \u201cIf you\u2019re important enough for your organization to pay to fly you around the globe for meetings and put you up in hotels, then you definitely have enough data access for hot foreign spies to target you,\u201d says Fleming.About 50-percent of the hot foreign spy activity BLACKOPS Partners Corporation sees is opportunistic and 50-percent is targeted (stalking) activity, according to Fleming. \u201cHot foreign spies will frequent a bar or restaurant near a target company, connect with people and once they find someone who is a high value target at the company, they go deeper,\u201d says Fleming. Otherwise they stalk specific executives and sysadmins they find on social media who have lots of inside access in the organization.[ 7 of the most famous spies ]These seductive information hounds lay in wait at dating sites and coffee shops as well as hotel bars and restaurants where they use honeypot schemes to involve their victims in dating and sexual relationships before blackmailing and extorting them for access to corporate secrets, according to Fleming. \u201cThey use blackmail, threatening to tell their company and spouse about the affair if they don\u2019t cooperate,\u201d says Fleming.\u201cSites we\u2019ve uncovered as sources of attacks by hot foreign spies over the past 12 months include match.com, Zoosk, Ashley Madison, LinkedIn, Facebook, Tinder, Monster.com,\u201d says Fleming. Spies connect with employees who are looking for fun and excitement, dates, affairs, and even escorts.Actual cases of foreign spiesIn one case where BLACKOPS Partners Corporation consulted, a female spy used a honeypot scheme on an executive who worked at a Fortune 100 financial services company who had a profile on LinkedIn. \u201cShe targeted the guy on LinkedIn because of his name and title. She stalked him, looked up his home address, connected with him in a bar, took information off his laptop and cell phone, and eventually stole his laptop and cell phone,\u201d says Fleming.[ How corporate spies access your company's secrets ]This sexy seductress stole customer information including many records with personal identifiable information. She was able to use his access to retrieve the passwords for many other domains and servers. \u201cThey had free access inside the company for about a year,\u201d says Fleming.In an earlier case that BLACKOPS Partners Corporation did not handle, a private defense contractor to the US Navy in Hawaii shared top secret military data with his much younger Chinese girlfriend who turned out to be a foreign spy.The woman ran a honeypot scheme on contractor Benjamin Bishop, which led to the revelation of the Navy information. Once he was caught up in the affair, she told him that he must continue to spy for her or she would tell his wife and the Navy about the whole thing.\tMitigating foreign spiesTo mitigate foreign spies, first train and certify all executives, employees, suppliers, and contractors using intelligence-based, multimedia, and role playing trainings, says Fleming. Intelligence-based training comes from using an intelligence engine that produces the kinds of vulnerabilities and threats that are happening right now so you can train people on what they will actually face out there today, not on something that was a threat three years ago.If you\u2019re important enough for your organization to pay to fly you around the globe for meetings and put you up in hotels, then you definitely have enough data access for hot foreign spies to target you.T. Casey Fleming, CEO, BLACKOPS Partners CorporationThrough role-playing and simulations you can engage people in enactments of the scenarios they will experience. This will help them to absorb the training in a more personal way. \u201cKeep it light. Keep it entertaining. Everybody hates to go to their annual security refresher briefing. It\u2019s dry. Bring in some fresh talent to drive the message home,\u201d says Tony Rucci, Founder, Root Technology.\u201cCase studies are a great training tool because people love to hear about someone else\u2019s failure,\u201d says Rucci. They can learn from what someone else did wrong. They may realize that perhaps they are already making the same mistakes and correct them rather than wait and have the finger pointed at them.Develop ways to reward the discovery of weaknesses, says Fleming.\u201cYou need to reward people for finding weaknesses and vulnerabilities,\u201d says Fleming. That way you can fix them before an adversary uses them against you. \u201cGive bonuses to the people who find the most vulnerabilities. Give the one who finds the most vulnerabilities in a year a paid vacation trip,\u201d says Fleming.[ International Spy Lingo ]Use two- and three- factor authentication. \u201cThe industry standard is 15 characters, uppercase, lowercase, and special characters for passwords. Two-token authentication is critical for thwarting unauthorized access,\u201d says Rucci. IT people and anyone with access across the company should always use two- or three- factor authentication.Hot foreign spies are real and certainly not rare. If you\u2019re looking for fiction, read James Bond novels. If you\u2019re looking for truth that\u2019s stranger and more perilous, learn to recognize the ploys of these foreign agents and you may just find it.