Social Engineering is a technique that relies on exploiting weaknesses in human nature, rather than hardware, software, or network vulnerabilities.
TAD GROUP offers four core Social Engineering areas to test human susceptibility to persuasion, suggestion, and manipulation:
The danger of phishing lies within the source of the message which could be a fake one and may attempt to lure the email recipient using a variety of false and misleading information.
Exchange of important and sensitive information through emails happen constantly and almost daily.
However, almost all of these exchanges don’t go through the proper channels for authentication and authorization.
To perform the required inspection by email phishing TAD GROUP will provoke the staff to visit unfamiliar Web sites, to disclose sensitive information, or in short - to perform an action that employees would not do otherwise.
Like any other modern form of communication, the exchange of confidential information over the phone happens almost constantly. Nowadays, the suggestion to hear the voice of a person on the phone is enough confirmation of his identity. Due to the same fact, malicious third-parties frequently divert from using email as a primary source for social engineering and tend to rely on phone calls/SMS as well.
By methods of Social Engineering via phone TAD GROUP will check how your employees are willing to reveal sensitive information about you, or are to commit other action which might affect your interests - intentionally or not.
In the business, the information is exchanged by fax and more often this kind of communication process contain particularly sensitive information. The implementation of these exchanges of information often is performed without any identification or authorization of the requesting side. Social Engineering by fax aims to identify any weaknesses in the management and exchange of faxes that can affect your staff, during the inspection.
Physical Social Engineering
TAD GROUP specializes in performing tests for Physical Social Engineering in your company. The tests run in a real physical environment, with our professional staff directly involved (apparently) or indirectly (hidden). The purpose of such tests is to reveal potential weaknesses in the way your employees work with visitors.
As part of the test, TAD GROUP's consultants pretend to be suppliers, new employees, business associates and even family members of employees in order to provoke staff to hand over confidential information or to authorize access to areas in your building that are usually prohibited to external visitors.
Because regular checks always guarantee your security!