Social Engineering/Phishing

It’s a known fact that users are the weakest link in securing your organisation. Without knowing what to look for and how to protect against social engineering attacks, your users might end up being used to compromise your organisation.

Social Engineering and Physical Intrusion testing aims to highlight gaps in your users’ resilience against such attacks, performing the same attacks that are likely to allow attackers in.

To minimise your users potentially compromising organisational security, we provide the following services:

Email phishing: Users will be sent an email containing misleading information tempting them into running potentially malicious software.

Phone: A social engineering specialist will call multiple users and attempt to gain information, passwords and access to the user system.

USB Drop: A social engineering specialist will leave a number of USB sticks on customer premises containing specialised software. This software will alert Content Security if the USB is inserted into a system and run.

Physical Intrusion: Security consultants will attempt to break into a customer location through tailgating, social engineering, and manipulation of access control systems.

Our social engineering can fully support Information Security Awareness Training by providing a base to work on and by validating that the training is effective.