Social Engineering

Security risks for businesses are not only limited to technological risks. Social Engineering is a method used by hackers to get around an organisations initial IT security barriers.

Social engineering refers to the coercion and manipulation of people into either undertaking specific tasks or divulging confidential information. It is effectively a form of confidence trickery for the specific purpose of gaining information, committing fraud, or system access.

Our consultants have had years of experience working with businesses and helping them to develop security controls covering all aspects of security. Their knowledge shows us that security is only as strong as the weakest link and it is often the overlooked social element.

A hacker can employ many different methods or attack vectors to help them overcome your organisation security. CyberCrowd replicate this by undertaking a variety of methods and approaches to test your businesses resilience to such an attack.

These include:
Email
Telephone
Removeable Media
Text Message
On site

To better protect you, our consultants use modern tools and techniques to exploit social aspects of your organisation with the aim of obtaining information, that in a real world scenario, would aid a hacker in breaching your security perimeter. 

We will aim to inform you on:
  • The likeliness of such attacks being successful
  • Which methods your organisation is most susceptible to falling for
  • How to communicate good behaviours as well as poor
  • Recommendations on how to prevent future attacks

It is often the case that an employee, although trying to do a good job, is actually being manipulated by a hacker to divulge sensitive information. 

Information that could be obtained can include:
  • Access to network
  • Login Credentials
  • Commercially sensitive information
  • Physical access to sites
  • Further information to aid an attack

By completing these tests regularly and reviewing the outcomes, CyberCrowd works with our clients to ensure they are better defended against such attack whilst ensuring the likelihood of a genuine breach in security is minimised.