Social Engineering and Social Media Penetration Testing
How secure are your people and their online practices?
Your people are social animals, and cyber attackers will target their social behaviours in many ways.
These range from social engineering attacks that bypass security measures by exploiting people’s trust, to attempts to compromise your social media accounts and thus harm your organisation’s most-seen online presence.
But your people are just doing what they thought was their job – so you owe it to them to understand exactly where their behaviours, tools and practices fall short, and what action needs to be taken to enable them to perform their roles more securely in future.
This is what our Social Engineering and Social Media Penetration Testing delivers.
Social Engineering & Social Media Penetration Testing: what are they?
Our Social Engineering and Social Media Penetration Testing combines programmes that measure your people’s understanding of cyber security and attacker behaviour with in-depth security reviews and controlled attacks that probe for both technical and user-driven security weaknesses, across all your organisation’s social media applications.
Our specialist consultants work as your security team, or alongside your existing security team, to identify and resolve security issues with your people’s everyday behaviours at work.
Social Engineering and Social Media Penetration Testing from Firesand - why you need it:
- Social Engineering
People are often viewed as the weakest link in cyber security – but if they can experience and recognise a social engineering exploit under controlled conditions, they can become the crucial first line in identifying and securely responding to a cyber-attack in the future.
Our Social Engineering testing helps ensure your people won’t get caught out when the attack is for real.
How Firesand does it better:
Our team’s extensive experience in all aspects of security testing means we expose your users to the attacker’s full armoury of social engineering attacks to understand in detail where users’ security shortcomings lie, including:
- Email phishing, helpdesk and onsite social engineering attacks
- Pretext calling - Obtaining personal information under false pretences and using it for identity fraud or similar
- Cloned and faked websites designed to fraudulently capture staff login credentials
- Spoof internal emails - Business Email Compromise attacks
- Malicious links that can take control of a machine if clicked on
- Third-party application exploits (e.g. Acrobat, Excel)
- Fraudulent information disclosure or password reset requests
- Requests for unauthorised physical access to secure areas
Additional benefits: We provide a comprehensive report detailing your people’s exposure to these controlled social engineering attacks, the risk this represents to your organisation, and options for further training and education to put your staff a step ahead of the attackers.