We use Phishing techniques to attempt to infect user computers or trick users to divulge sensitive information. Email Phishing will measure how many users fall for the phishing ploy and click on a link or open an attachment.
BENEFITS / RETURN ON INVESTMENT (ROI)
Our Phishing services provides an economic way for you to measure the effectiveness of your Security Awareness training. Many attackers use social engineering tactics to take control of your systems. People, processes, and technologies have to work in concert to achieve a secure environment. Our Phishing campaigns test the people part of this triad.
The Phishing Report covers tactics used for the email phishing campaigns, as well as any other authorized social engineering tactics. Phishing analytics will be provided for an email campaign that show how many users “fell” for the tactic used by clicking on a link or opening an attachment. Samples of phishing emails are included in this section of the report.
Interested in testing your users to see measure the effectiveness of your Security Awareness training?
Contact Us for more information about our Social Engineering service.
Social Engineering FAQs
What are some of the common tactics used for Social engineering?
- Email phishing
- Phone calls to users or the Helpdesk
- Social media
- Text messages
Is the social engineering test performed remotely or oniste?
Typically we perform the Social Engineering Test remotely, unless In-person social engineering is requested.
What does a phishing email look like?
If phishing is done properly, the email should look very realistic and be hard to tell from a legitimate email. Below is a sample phishing email from the "IRS". Checking the "From" and "Reply-To" and hyperlinks can be used to reveal the email is not legitimate and is phishing.
Is Social Engineering part of penetration testing?
Yes, social engineering can be used as part of a penetration test. We prefer to offer our services in a line-item style so you can choose what works for you. We also do "pure" penetration tests where we use a combination of multiple tactics, such as physical (tailgating, badge cloning, etc.), social engineering, and technical. If you are interested in this type of service, please contact us.