Outsmart Social Engineers: Essential Tips from ValueSec
Social Engineering
You have invested time, resources and energy in training your employees about cyber security threats. It ticks all checkboxes in your internal IT governance body, satisfies all your clients and partners that you have conducted Cyber awareness trainings.
But do you really know how your employees will react at the time of a real cyber-attack? Or if they are equipped well with knowledge that they will spot and report a cyber threat immediately
Today, the data about anyone is available at disposal. People post tonnes of images, updates, video on social media networks, publicly accessible open websites and on various other communication channels. Key information about someone like address, date of birth, dates of various key events in person life is also posted on internet.
Attackers take advantage of these information and launch Social Engineering Attacks to lure your employees to believe them.
In fact Social Engineering Techniques are one of the top techniques used by attackers in executing a full scale cyber attack in enterprises.
Valuesec experts check the awareness of your employees about various tactics used by real attackers. We mimic the various attacks used by modern day attackers to test the resiliency of your employees.
We use below methods to make your employees believe that we are genuine person:
- Simulated phishing emails which may entice to click on a malicious URL, make them to upload document, and have their credentials harvested via fake login pages.
- Vishing phone calls pretending to be someone from your IT Team, finance team or operations team. Creating a sense of urgency and have to tricked into false actions