Social Engineering is an effective, non-technical means for an attacker to infiltrate an organization and secure a foothold by exploiting the “good nature” of human personality. One common route for social engineering involves an individual contacting a help desk claiming to be someone they aren’t. As a result of the help desk staffer wanting to help the individual on the phone, they either disclose information they shouldn’t have disclosed or give unauthorized access to someone they shouldn’t have.
Phishing is a subcategory of social engineering that is very specific to email and identified as one of the top future cybersecurity threats. It has been the root cause of many recent breaches.
To kickstart a social engineering assessment, Redspin utilizes client-supplied information to quickly determine the most likely areas for social engineering success. With this information gathered, we proceed with the engagement as follows:
After Redspin’s Social Engineering & Phishing assessment, your organization will have a greater understanding of your staff’s readiness to prevent social engineering attacks and a communication plan to increase their education, creating a culture of cybersecurity awareness.
Get Started with Redspin Today
Be Ready. Be Resilient. Validate