Social Engineering can be used as a one-time test of the effectiveness of your broader security awareness campaign, or to help win over support for new training programs.
Using the latest intelligence on social engineering tradecraft, these services evaluate the vigilance of your employees against creative, often personalized or "spear-phishing" threats that work to exploit trust and lack of security awareness.
- Phishing: Click and Log - deploys a distinct simulated phishing email (“PhishTest”) to a significant population of your employees to test whether they click on malicious links that they shouldn’t. It is a single test that attempts to trick as many employees as possible.
- Phishing: Endpoint Attack – tests user security awareness by manipulating individuals in your organization to perform malicious actions or provide sensitive information over email. The content used in these scenarios ranges from generic, spam-like messages to client-specific emails that are designed to appear to originate from internal users, third-party service providers, or clients.
- Vishing: Phone – the telephone equivalent of phishing, vishing is an attempt to verbally steer your employees into surrendering sensitive information like passwords, or to execute malicious software that gives attackers remote control of their workstation.