As a follow-up to Security Awareness Training, I challenge you to do some social engineering tests!
Social engineering can be done remotely, using the telephone and carefully crafted email messages to try to coerce an employee into providing information they should not be providing. Giving away sensitive information or passwords, or clicking on an email and unknowingly downloading malware, are all red flags.
On-site social engineering uses techniques to gain physical access to office locations and, once inside, to find information physically displayed, or to gain access to a network or to locations normally considered off-limits.
Some organizations regularly test their employees through email campaigns to see if anyone takes the bait. It may seem a bit harsh to test your own employees' security awareness, but these days it is best to find out whether further training is needed before the bad guys beat you to it.
Nancy Sykora
Sr. Account Executive