Everything on earth has good or evil perspectives, same for deception in cyber world.
We heard a lot about phishing or scam that is the evil side of deception.
However, there is the need for good deception in the cyber space. To understand how threat actors penetrate or launch attacks, honeypots are established to let them take the bait. Honeypots can be vulnerable web sites, decoy email address or decoy social network identity that are under monitoring.
For vulnerable systems, researchers are able to understand the behaviors and TTP of threat actors from reconnaissance, access, ex-filtrate data, cover the track. Effective counter-measures can be developed in the cyber kill chain.
For phishing, researchers are able to spot if new exploits are deployed in content rich email or attachment to masquerade the malicious attempts then alert the community. Scams from social network could also be traced to inform law enforcement agency to take down the malicious identities.