Cybercriminals often use psychological manipulation as a tactic. By creating emails or web pages impersonating known organizations, attackers try to trick people into opening malicious attachments, clicking unsafe links, and disclosing personal details.
Our social engineering services focus on helping your organization with the ability to detect and respond to phishing attacks. We also provide an overview of possible threats by creating a customized assessment per organization.
Identification of potential threats
Monitor proper reactions and workflows
Raising awareness amongst users
Simulating real case scenarios
Phishing is one of cyber-criminals’ most common vectors of attack. By producing emails impersonating trustworthy individuals and organizations, attackers aim to entice users to click unsafe links and attachments or reveal confidential details. A phishing test can be conducted as a standalone exercise or as part of a Red Team Service.
Spear phishing is a highly targeted phishing attack designed to compromise a particular individual, usually a system administrator or another user of high privilege.
Also known as phone phishing or voice phishing, our consultants will attempt to call individuals at your organization to get sensitive information. If successful, we will use the information gained to pivot further or make a more convincing phishing test.
We gather information on targeted organizations and individuals.
We exchange the information we gathered and make a final list of targets.
We prepare the material used as part of a social engineering test. This means crafting emails, cloning websites, and preparing attachments.
We send out the emails and monitor the clicks, entered credentials, or received sessions from the targets. Also, communication is ongoing, and status is synced with you.
A report with all the details about the test is prepared and delivered.