Social engineering is the human side of testing for corporate vulnerabilities and comprises the techniques used by real attackers to fool an organisation’s staff into revealing sensitive information or performing actions that create security holes for the attacker to slip through.
Many companies will spend thousands of dollars on Intrusion Detection Systems (IDS), firewalls and other protection devices to monitor the network. However, all it takes is one phishing attack to potentially devastate an organisation.
Attackers will typically rely on the following six key principles of influence based on human cognitive biases:
Our approach to social engineering mirrors the latest tactics, techniques and procedures used by fraudsters today.
Our Social Engineering testing provides benefits including: