Social Engineering Testing

Hackers often choose their targets, learn about them, and then pose either as an expert, co-worker, or a member of the public, etc, in order to lower their guard and ingratiate themselves with the target. By deliberately influencing an employee’s good intentions or their inquisitiveness, they can manipulate circumstances to their advantage to gain a strategic advantage. This could be in the form of accessing computer systems and networks, the target divulging sensitive information in conversation, photographing confidential documentation, having access to bug an employee’s phone or even their place of work.

NSI’s Offensive Cyber Security Unit will utilise social engineering techniques for testing purposes. Most employees are not aware of the possibility that hackers can trick them into divulging commercially sensitive information. Our experts can help your teams identify the various types of attacks, how to spot them, and outline best practices to mitigate these risks.

Learn More About NSI Global's Offensive Cyber Security Methodology

The Value of Social Engineering Testing

Identifies vulnerabilities your employees and business are at risk of
Identifies information in the public domain that can be used strategically against your employees and ultimately your organisation
Tests your cyber security defences to ensure they can identify and block attacks
Improves cyber security awareness exposing insufficient security practices and outlines areas for improvement.

Examples of social engineering tactics NSI may employ include

Tailgating

Where someone without the proper authentication follows an authenticated employee into a restricted area.

Pretexting

Convincing employee to hand over information by psychological manipulation.

Phishing

Where an attacker sends an employee a fraudulent message via email, instant message or text message in the hope the employee clicks on it.

Baiting

Where a scammer uses a false promise to lure a victim into a trap with a malware infected USB.

Whaling

A social engineering tactic used by cyber criminals to ensnare senior or important individuals in an organisation by acting like another senior colleague or important player.

Watering Hole

Where attackers identify a website that is commonly visited and trusted by employees and infect it with their malware.

Quid Pro Quo

Where attackers pretend to offer victims a service or benefit if the victim performs a specific task or provides information or access.

Industry Heavyweights and Government Departments Trust NSI Global

You can have the same peace of mind.

NSI Global has provided organisations with the intelligence they need to make informed decisions. We can arrange an appointment for a confidential discussion at our radio shielded, secure office in Sydney Olympic Park. This location is under 24 hour surveillance and has been fortified against bugging technology to ensure your privacy.

1300 000 NSI (674)