Social Engineering.

The users will always be the weakest link.

Social Engineering is the manipulation of the human element to expose confidential information or systems.

Establishing a baseline

The human target is defined differently with each organization. During this phase we will define:
  • Scope of work
  • Engagement type
  • Points of contact

Research and Reconnaissance

The goal of this phase is to gather up as much information as possible about the organization. This involves:

  • Open Source Intelligence
  • Employee Information Gathering
  • Infrastructure Topology

Plan of Attack

Establish the social engineering framework for the campaign. The plan should flush out how the attacks are going to be executed, the order of the social engineering chain, and deliverables.

Set Up and Execution

The campaign will be launched during the specified scope and timeframe. Depending on the type of engagement and plan of attack, the campaign can last for weeks or months.

Deliver a report

At the end of the campaign, a full report of all the findings are documented. These will include:

  • Campaign statistics
  • Vectors of attack that were successful
  • Plans for retraining

Our suite of webinars aims to spread security efficacy as new vectors of attack arise. Stay consistent with your security and knowledge.