Why to conduct social engineering tests?
It is estimated that at least 90% of hacking attacks wouldn’t be successful if human behaviour would be correct. This is why the social engineering tests performed on the methods hackers use to phish for data or gain access to a company’s network are so important.
What do you get after the tests?
The result of the tests will be reliable information about where employees are aware of IT dangers and where gaps exist. How vigilant they are and whether they know what to do in case of suspicious behaviour.
CyberClue’s final report will also include recommendations of long-term awareness raising plan for the company.
- Emails with false links
- Text messages redirecting to a fake login or payment page
- Phishing phone calls
The testing method is always agreed with the customer..
Socio-technical tests, depending on needs and findings, may include eg.:
- OSINT research (research of publicly accessible information about the company and its employees)
- Breaking email server security to impersonate another user
- Creation of fake domains and pages to which employees are redirected after sending a fake email or SMS