A common misconception people have about cyber attackers is that they only use advanced hacking tools and technology to break into computers and networks. This is simply not true. Attackers have learned that one of the easiest ways to steal information or compromise a network is by simply talking to and misleading you.
Briefly, humans are always the weakest link in the security chain! For this reason - and part of our security audits - we offer different types of human attacks, also called social engineering campaigns. Some examples are spear phishing and media dropping campaigns.
Spear phishing is an email spoofing fraud attempt that targets a specific company, looking for unauthorized access to passwords or other confidential data. We offer both non-intrusive and intrusive campaigns.
Our non-intrusive campaign is fully automated with a choice between different email templates. The result is a report, including the user clicks and logon attempts. Our intrusive campaign is available as an option with a black box penetration test. It includes reconnaissance and an external assessment, and is intent to compromise the infrastructure.
Media dropping is a simple and straight forward form of social engineering that usually involves a USB thumb drive left somewhere conspicuous, like a parking lot or building entrance area. The attacker places interesting-sounding files on the media drive that launches a client-side attack when executed. Also here, we offer both non-intrusive and intrusive campaigns.
- Email spear phishing
- Vishing and smishing
- USB dropping
- Wireless attacks
- Mystery guest
- RFID hacking
- Lock picking
To request a price quote or for more information, please fill out the form below.