Microsoft PowerPoint Honeytoken Enterprise
A Microsoft PowerPoint honeytoken embeds a hidden trigger in a .pptx presentation. Opening the file records the interaction and raises an incident.
Category: File
Configuration
| Option | Required | Description |
|---|---|---|
| Note | Yes | Where you placed the honeytoken |
After creation
Download the .pptx file from the wizard.
Placement examples
Download the presentation and place it where an attacker might browse:
- A shared project folder or meeting archive on a network drive
- A cloud storage path like SharePoint > Projects > Internal
- Backup slides or decks stored in restricted shares
Rename the file if appropriate (e.g. board_deck.pptx, strategy_2026.pptx). When someone opens the file, you receive an incident.
