
Social engineering is the simplest and most common way that cybercriminals gain access to confidential information. Hackers know it is much easier to convince a human to break the security rules they are asked to follow than it is a programmed firewall. The goal of Social Engineering testing is to train and educate employees to be the first line of defense.
Employ a variety of real-world techniques to mimic the way hackers are currently targeting organizations. Our offerings includes the following:
- Phishing Assessment: SBS sends an email appearing to be from a legitimate source (e.g., core banking provider, internet service provider) and asks recipients to respond to the email. Recipients of the email are then directed to a website where they are asked to enter confidential information.
- Telephone Impersonation: SBS calls the organization and tries to convince the customer representative into giving them confidential information by impersonating various entities.
- Physical Impersonation: SBS physically goes inside the organization and identifies themselves as someone else (e.g. telephone repairman, system provider) as they try to access information by looking over people’s shoulders, looking at papers on employee’s desks, or by gaining physical access to systems.
- Mobile Storage Device Misuse: SBS leaves a removable media device in the path of an employee. When an employee inserts the device into their workstation, a transmission is sent to the SBS office to advise them the media device had been inserted into the system.
- Dumpster Diving: SBS will gather the trash from the organization’s dumpsters and search through it for confidential information.
- Personalized Social Engineering Scenario: SBS will work with you to create a social engineering scenario unique to your institution.
✔ THE SBS ADVANTAGE