The test involves checking the level of awareness of employees and resistance to certain methods of social engineering attacks using typical channels (e-mail, telephone, instant messaging).
Sample scenarios:
- Phishing attack – sending prepared messages by e-mail or by means of messengers containing links to fake websites that intercept login data or to malware
- Attempting to obtain sensitive information through telephone conversations or other unconventional communication channels
- Breaking the security of the e-mail server in order to impersonate another user
Execution method:
- A remote test according to a selected scenario
- A work report in Polish
Benefits:
- Reliable and objective information on the current state of employees’ awareness of the company’s IT security
- A ready set of recommendations for eliminating threats together with a recommendation for implementation
- Effective spending of budgetary funds by directing investments to areas that really require improvement and reducing security management costs through effective, proactive identification and assessment of threats
- Enhancing the accuracy of business decisions through a precise understanding of the organization’s security status
- Minimizing the risk of reputational damage caused by information leaks and potential legal consequences
- Additional information:
- The activities carried out will be documented with a list of compromised credentials and systems