Social Engineering & Social Media Penetration Testing

How secure are your people and their online practices?

Social attacks can range from social engineering attacks, which bypass security measures by exploiting people's trust, to attempts to compromise your social media accounts, harming your organisation's most seen online presence.

Often, people are just doing what they thought was their job - so you owe it to those in your organisation to understand exactly where their behaviours, tools and practices fall short. From there, you can decide which actions need to be taken to enable them to perform their jobs more securely in the future.

Social Engineering & Social Media Penetration Testing: what are they?

Our Social Engineering and Social Media Penetration Testing combines programmes that measure your people’s understanding of cyber security and attacker behaviour with in-depth security reviews and controlled attacks that probe for both technical and user-driven security weaknesses, across all of your organisation’s social media applications.

Our specialist consultants work as your security team, or alongside your existing security team, to identify and resolve security issues with your team’s everyday behaviours at work.

Our Services:

People are often viewed as the weakest link in cyber security - but if they can experience and recognise a social engineering exploit under controlled conditions, they can become the crucial first line in identifying and securely responding to a cyber-attack in the future.

Our Social Engineering testing helps ensure your people won’t get caught out when the attack is for real.

Our team’s extensive experience in all aspects of security testing means you can trust us to ensure that every avenue of attack is effectively explored. We expose your users to hackers' full armoury of social engineering attacks to understand in detail where users’ security shortcomings lie, including:

Email phishing, helpdesk and onsite social engineering attacks.
Pretext calling - obtaining personal information under false pretences and using it for identity fraud or similar.
Cloned and faked websites designed to fraudulently capture staff login credentials.
Spoof internal emails: Business Email Compromise attacks.
Malicious links that can take control of a machine if clicked on.
Third-party application exploits (e.g. Acrobat, Excel).
Fraudulent information disclosure or password reset requests.
Requests for unauthorised physical access to secure areas.

We provide a comprehensive report detailing your people’s exposure to these controlled social engineering attacks, the risk this represents to your organisation, and options for further training and education to put your staff a step ahead of the attackers.

For more information on Social Engineering testing, get in touch.