Social Engineering relies on a set of technological, psychological, and physical techniques that trick a user into breaking security protocols.
Herjavec Group Social Engineering Assessment Services test your organization’s susceptibility to Social Engineering techniques with safe, approved, and authorized replication email-based attacks on targeted employees. The goal of the engagement is to help an organization understand and improve upon its present security posture.
Phishing occurs when an attacker masquerades as a credible source, and sends an email requesting that a user performs an action (ex: clicks a URL, or opens an attachment) and conveys confidential information.
Attackers will attempt to call various individuals or groups to gather information about a target or to influence an action. Typically a hacker calling a help-desk to request that a new account be created.
Impersonation occurs when an attacker pretexts as another person or presenting a false identity can allow an attacker to gain access to information, facilities, or secure systems.
Phishing, Vishing and Impersonation – All of these techniques rely on the exploitation of humans. In order to minimize the likelihood and risk of a Social Engineering attack, Herjavec Group will work with your organization to test end user Security Awareness of Phishing, Spear Phishing and other Social Engineering attacks.
The Social Engineering Assessment will:
- Assess security awareness by identifying users who click links in phishing emails
- Set phishing traps via web forms to flag data leakage risks
- Test end-user machines for exploitable vulnerabilities
Following the assessment, Herjavec Group will provide a final presentation as well as a report, outlining:
- Nature of the work performed including steps taken in exploitation
- Summary of the exposures identified
- Identification of data accessed
- Remediation recommendations