Social Engineering Vulnerability Assessment

Social Engineering Vulnerability Assessment

Assess, educate and inform end user security awareness and resiliency.

Social engineering is the tactic of manipulating, influencing, or deceiving a victim to gain control over a computer system, or to steal personal, financial and otherwise sensitive information. It uses psychological manipulation to trick users into making mistakes or giving away sensitive information.

Scams based on social engineering are built around how people think and act. As such, social engineering attacks are especially useful for manipulating a user’s behaviour. Once an attacker understands what motivates a user’s actions, they can deceive and manipulate the user effectively.

In addition, hackers try to exploit a user’s lack of knowledge. Thanks to the speed of technology, many consumers and employees aren’t aware of certain threats and the tactics and techniques used by sophisticated adversaries. As a result, many users are unsure how to detect these threats and best protect themselves.

Generally, social engineering attackers have one of two goals:

  • Sabotage: Disrupting or corrupting data to cause harm or inconvenience.
  • Theft: Obtaining valuables like information, access, or money.

Canary Trap’s Social Engineering Vulnerability Assessment (SEVA) will include tactics and techniques that are designed to identify and exploit vulnerabilities in human behavior. We will look to employ phishing and spear phishing attacks along with other social engineering techniques to enhance your security posture and provide actionable insights into potential risks and threats.

Canary Trap will employ the following methods and types of simulated social engineering attacks during the SEVA:

  • Pre-engagement Research
  • Phishing Emails
  • Spear Phishing
  • Vishing (Voice Phishing)
  • Reporting and Recommendations

It is important to note that all simulated social engineering attacks will be conducted in a controlled environment with the utmost care for employee well-being and privacy. Additionally, comprehensive documentation and reporting will be provided, including analysis of susceptibilities to social engineering attacks, recommended improvements to controls and employee awareness training programs.

Canary Trap combines human expertise with sophisticated tools, proven methodologies and, where appropriate, threat intelligence to ensure a thorough, in-depth approach to security testing and assessments.

For more information, please complete our Scoping Questionnaire or Contact Us.

Download the Service Brief

Social Engineering Vulnerability Assessment

  • This field is for validation purposes and should be left unchanged.