Social Engineering Services
Social engineering has emerged as one of the most successful attack vectors in recent times. Advances in IT security have made it increasingly difficult to hack into a well-guarded enterprise. Network defences, encryption and smarter detection have forced cyber-attacks to look for easier targets which increasingly mean the soft underbelly represented by employees.
A social engineering attack is typically carried out by an external assailant who deliberately manipulates an employee’s good intention (i.e. their willingness to assist) or their general curiosity, such as enticing them to click on a link in an email to a malicious website.
Common tactics used by social engineers include:
- Tailgating – The social engineer closely follows employees into secure areas before the door has closed.
- Pretexting – A social engineer convinces an employee, in person or by phone or email, to hand over confidential information by impersonating someone else.
- Phishing – Sending an email which is disguised to appear as though it comes from a legitimate source and encourages the target to activate the attached malicious file or click on a link that directs the victim to a website hosting malicious code or requesting personal details.
- Baiting – This is where a social engineer leaves infected USB keys or other media in common areas such as lunch rooms, parking lots or foyers for employees to pick up and insert in their computers.
Sense of Security welcomes the opportunity to discuss and design a customised social engineering review that will assess your organisations ability to defend itself against this type of attack method.
To discuss how our specialist services can help your organisation defend against social engineering please contact us on 1300 922 923 or complete the enquiry form by pressing the button below.