Common methods social engineers use are:
- Baiting – whereby the attacker leaves an infected peripheral such as a USB memory stick in a common staff area in the hope a staff member inserts it into their computer or hands it to the IT department.
- Tailgating – whereby an attacker follows another staff member into a secure area before the door has closed.
- Phishing – whereby an assailant sends an email masked as another staff member or a genuine source and directs the staff member to open the infected file or follow a link.
- Pretexting – whereby the attacker persuades a staff member to hand over restricted material by mimicking someone else.
By testing and measuring your staff’s response to external emails and calls or analysing and measuring the physical security in a sensitive area of your company or by conducting a controlled baiting exercise to see the extent of the staff’s security awareness, our experts are able to secure your intellectual property and trade secrets to give you peace of mind.