Share
Social Engineering Vulnerability Assessment
Social engineering is the tactic of manipulating, influencing, or deceiving a victim to gain control over a computer system, or to steal personal, financial and otherwise sensitive information. It uses psychological manipulation to trick users into making mistakes or giving away sensitive information.
Scams based on social engineering are built around how people think and act. As such, social engineering attacks are especially useful for manipulating a user’s behaviour. Once an attacker understands what motivates a user’s actions, they can deceive and manipulate the user effectively.
In addition, hackers try to exploit a user’s lack of knowledge. Thanks to the speed of technology, many consumers and employees aren’t aware of certain threats and the tactics and techniques used by sophisticated adversaries. As a result, many users are unsure how to detect these threats and best protect themselves.
Generally, social engineering attackers have one of two goals:
- Sabotage: Disrupting or corrupting data to cause harm or inconvenience.
- Theft: Obtaining valuables like information, access, or money.
Canary Trap’s Social Engineering Vulnerability Assessment (SEVA) will include tactics and techniques that are designed to identify and exploit vulnerabilities in human behavior. We will look to employ phishing and spear phishing attacks along with other social engineering techniques to enhance your security posture and provide actionable insights into potential risks and threats.
Canary Trap will employ the following methods and types of simulated social engineering attacks during the SEVA:
- Pre-engagement Research
- Phishing Emails
- Spear Phishing
- Vishing (Voice Phishing)
- Reporting and Recommendations
It is important to note that all simulated social engineering attacks will be conducted in a controlled environment with the utmost care for employee well-being and privacy. Additionally, comprehensive documentation and reporting will be provided, including analysis of susceptibilities to social engineering attacks, recommended improvements to controls and employee awareness training programs.
Canary Trap combines human expertise with sophisticated tools, proven methodologies and, where appropriate, threat intelligence to ensure a thorough, in-depth approach to security testing and assessments.
For more information, please complete our Scoping Questionnaire or Contact Us.
Take the next step to
engage with Canary Trap
engage with Canary Trap
If you require our cybersecurity services please share your details below and we will be in touch!
