Social Engineering Test
Social engineering testing relies on exploitation of factors in the human nature, typically by attempting scams on a company’s employees. In addition when security policies and practices are implemented by management, social engineering would test the adherence of the employees to those policies. Therefore the company would also be able to check the consequences from the activities of disgruntled employee, willing to steal corporate information by exploiting critical systems. For instance testers might send an email pretending to be someone from the management, asking the employee to open an attachment, provide sensitive information or visit a malicious website. After that a tester might call employees pretending to be from the IT staff, asking the employees to perform specific actions with their passwords. Companies often perform social engineering test in combination with security awareness training program. Baretzky and Associates Experts performs the following activities during a social engineering campaign:
Attempt Social Engineering by Vishing
Attempt Social Engineering Using E-Mail
Attempt Social Engineering by Using Traditional Mail
Attempt Social Engineering in Person
Attempt Social Engineering by Dumpster Diving
Attempt Social Engineering Using an Insider Accomplice
Attempt Social Engineering Using Web Sites
Attempt Identity Theft and Phishing Attacks
Try to Obtain Satellite Imagery and Building Blueprints
Try to Obtain Employee’s Details from Social Networking Sites
Use Telephone Monitoring Devices to Capture Conversations
Use Video Recording Tools to Capture Images
Our Baretzky and Associates Experts holds various certifications in ears such as CEH, OSCP, CCSA and more. The Vulnerability Assessment can help you comply with GDPR and is an absolute necessity if you are under GDPR regulations compliance.
The process can that up to 5 days Call us for consultation for more information.