As a social engineering test a fake email with a link to a specially prepared fake webpage is sent to your employees, also referred to as phishing, in an attempt to acquire passwords. This is the most popular type of attack, which can be carried out together with obtaining your business contacts from public sources.
After analysing of the publicly available information, a phone call is made to obtain the private information of the organization or employee.
Infected USBs, CD-RO M «distribution», and other kinds of attacks are performed.
Attacks can be combined. For instance, some employees may receive a fake link to a website via email, while receive it via SMS or WhatsApp.
HOW DOES IT WORK?
An agreement on a test scenario is made with the client.
A list is made including all the employees participating in the test.
A test attack on a pre-selected customer representative is performed, ensuring everything functions properly.
The campaign is launched at a pre-arranged time.
You receive a complete report on the testing progress, including a list of employees who have not passed the test and have fully or partially completed the steps required.
Your employees understand that security training is crucial and should be carried out regularly, as cybercriminals' methods are constantly evolving.