Project Description
Get your personnel hacked.
Simulate social attacks on
company personnel.
Social Engineering
The human factor is always the weakest link when it comes to protecting your data.
Where does staff fit into security?
A bank clerk clicking on an innocent looking link, an overjoyed electricity company employee claiming his $10K winnings with a fake website, a polite government employee holding the door for a nice lady carrying a pile of paperwork that he’s never seen. Social engineering experts can help point out the strengths and weaknesses of staff and how they will respond to these types of attacks. Services include phishing emails, vishing calls, in person pretexting, and more.
Once there is a clear picture of the weaknesses of a team, staff can be trained to respond and react according to protocol instead of with their human nature which is often too trusting and vulnerable.
Our insight.
-
Do you recall "The Woman in Red"?
-
A full-fledged computer with Kali distribution and integrated WIFI can be the size of a chewing gum pack...
-
Do not forget to think first before throwing your papers that might contain confidential and sensitive information into a waste bin! Minimize the critical risk of data leakage to your company.
-
The basis of our success is reliable payload delivery. We invent and implement new and original scenarios.
-
The USB flash drive you received from a young lady at a car repair shop that looks like a harmless gift from a car company, could be prepared especially for you with an unpleasant surprise inside...
-
Even a skilled security guard can get distracted by a strategically placed, charming young lady...
-
Spear-phishing involves hours of research about a high value target, which includes family, friends, background, and other personal details. This allows an attacker to send very convincing bait for the target. Social media and other sources of public knowledge are the main sources for this research.
-
Often, seemingly harmless information that is commonly posted online is collected and combined to create detailed profiles of targets.
-
Social engineers often use human psychology to plan attacks. Preying upon human instinct and self preservation are common tactics.
Frequently asked, always answered.
A report includes the list of vulnerabilities discovered with severity rating. Additionally, there is a managerial summary which outlines how these vulnerabilities correspond to a business risk, and a technical write up, so developers can reproduce and correct the issues.
No, the majority of the quote for a social engineering campaign goes into the story and message delivered to personnel. The size of the selected group has little impact on the cost.
Our tests are most effective if as few people know about them as possible. This way you can get the most accurate and realistic responses from your personnel.
Yes, we offer in-person, social pretexting designed specifically for your company and personnel. We will plan a realistic scenario, or pretext, to target and test the weak points in your personnel security and how they would react in these targeted events.
