• slide-1
  • slide-2
  • slide-3
  • slide-4
  • slide-5

phishing 3390518 340

Social Engineering is the method of manipulating the weakest element in  the cybersecurity chain: The person. Through smooth talking a social  engineer is capable of persuading a person to either let them into a  secured area he didn't suppose to have access to, or to divulge
confidential information. The social engineer generally works in (among  others) a method like this:

-The social engineer creates a problem, then appears to solve it for the victim, the victim is thankful for the help and now owes the engineer a  favor which he can later use to persuade the victim to do something he/she normally wouldn't do (like mailing a phonebook or something to someone/somewhere it shouldn't go to)

-The social engineer imitates a higher ranking person in a company and orders some employee to send money somewhere or create an account for someone etc. and applies pressure on the person to increase the odds of them complying.

-The most popular one has got to be the Microsoft Helpdeskrandomly calling people to inform them their computer has been infected with a virus and they need help toremove it because Microsoft's system said so. The unsuspecting victim then downloads a remote administration tool which gives the attacker access to their systems, in some cases people may be persuaded to get a subscription to said software. This is classic Social Engineering.

ID Control simulates these kinds of attacks to show businesses where their weaknesses lie.

What we do:
-Slipping into an organisation to see if protocols are followed.
-Dropping/sending USB sticks with our own software on it to see if employees plug them in.
-Phishing (Sending fake emails to see if people open attachments).
-Vishing, similair to phishing only now we call the organisation to see if we can get your employees to divulge sensitive information.

Please contact one of our cybersecurity consultants via +31 (0)  888-SECURE!

Go to top