Social Engineering
Social engineering tests the weakest link in most organisations the ‘human element’. Social Engineering assesses the human susceptibility toward deceitful persuasion and manipulation through email phishing, phone-based attacks, social media baiting and unauthorised physical access.
Email Phishing Assessment
Phishing emails are still the number one way attackers are compromising organisations. A recent survey states “ 78% of organisations say they experienced phishing attacks in 2018” Unfortunately, It takes only one user to fall prey to a phishing email attack for an unauthorised person to gain a foothold in your organisation. Our email phishing assessment helps you understand your organisation’s ability to defend against email-based attacks and helps you determine the current effectiveness of your end-user security awareness training program.
Social Media Baiting
As the world’s population utilises social media on ever-increasing bases, so too are attackers using it as a stepping stone to gain access to an organisation’s network. From impersonating work colleagues, clients or famous people, these social media services are being used to elicit crucial information about a company and the different roles and responsibilities within. Any comprehensive social engineering assessment should include social media-based attacks to help you understand your organisation’s ability to defend against social media-based attacks and help you determine the current effectiveness of your end-user security awareness training program.
Phone-Based Attacks
Phone-based attacks are still a popular way of compromising organisations because it circumnavigates your technical controls and deals directly with the end user. Any comprehensive social engineering assessment should include phone-based attacks to help you understand your organisation’s ability to defend against phone-based attacks and help you determine the current effectiveness of your end-user security awareness training program.
Unauthorised Physical Access
Sometimes walking in through the front door is the easiest option to gain access to an organisation. During this assessment, we will highlight how threats such as unauthorised physical entry onto your premises, impersonation and deception could affect your business and how they should be handled. We use different methodologies and resources to gather information. Then, depending on your test objectives, we will use a range of techniques including persuasion and reverse social engineering.