Social Engineering Assessment

End users are facing more threats than ever before. Attack vectors including credential harvesting and malware installation make your staff an easy target for would-be attackers. As the first line of defense in preventing a phishing attack, understanding the anatomy of a phishing campaign is paramount.

Your systems are vulnerable to breaches by bad actors… so are your people

Our customizable scenarios test the controls and security awareness levels of end users. With years of experience preventing attacks and a deep understanding of the current threat landscape, our campaigns highlight vulnerabilities and show end users on how to identify phishing and what to do when it occurs.

Our true to life scenarios employ the same tactics used by todays sophisticated attackers:

Email & Website Campaigns

We simulate an advanced phishing attack by emulating emails from vendors, specific users, 3rd party affiliates, or other personnel. The emails convince end users to visit a custom website
designed to capture credentials.

Voice Phishing (Vishing) Campaigns

We impersonate a party of your choosing, attempting to extract sensitive information in the form of credentials or business data. This method can work in tandem with a tailored fake website to provide more advanced testing scenarios.

Physical Access Walkthroughs

We perform a set of physical tasks to test how unauthorized users and devices are identified by your staff. Our team employs sophisticated tactics ranging from impersonation attacks to USB drops to test access controls and cybersecurity policy.

Prevent phishing attacks with End-User Training

Through a carefully developed program, we review steps in identifying, reporting, and preventing successful phishing attacks within your organisation. Training can be performed on location to ensure that all members are able to identify common threats and are adequately situated to protect your organisation’s data.