Social Engineering can be used as one-time test of the effectiveness of your broader security awareness campaign. It will also help win over support for new training programs.
Social Engineering is a technique used to trick the victims into leaking sensitive and confidential information that can be used in a criminal activity. Most often the targeted information is credit card and banking information, followed by social security numbers and passwords. The attacker may use various methods like e-mails, voice messages, or even in person visits masquerading as a legitimate, trusted source.
Tactics can include simply walking in the front door behind someone possessing a valid badge (also known as tail-gating), or dropping portable USB drives in the parking lot and waiting for an unsuspecting employee to plug them into their work computer.
Social engineering methods are limited only by the creativity of the person or persons perpetrating them. Whatever form social engineering takes, businesses and organizations are largely unprepared for how to effectively counter these attempts across their workforce. Getting employees’ attention and commitment to vigilance can be difficult without proving how easy those employees can be exploited.
CyberShield is designed to test your organization’s employee’s adherence to the security policies and practices.