Improve employee cyber awareness with a targeted social engineering attack
Psychological manipulation of people into performing adverse actions or divulging confidential information is a common approach used by criminals to compromise your business’ cyber security. By creating emails and web pages that imitate those of known individuals and organisations, fraudsters aim to trick individuals into clicking dangerous links or attachments, or divulging personal information.
Redscan’s Social Engineering service is designed to thoroughly assess the ability of your organisation’s systems and personnel to detect and respond to a targeted phishing attack. By mirroring the tactics, techniques and procedures used by genuine adversaries, this custom assessment helps to challenge defences, identify data leaks, uncover weaknesses in human behaviour, and improve cyber awareness.
Understand how susceptible your employees are to targeted phishing and spear phishing attacks.
Identify data leaks
Gain visibility of the information that an attacker could gather about your business using intelligence freely available in the public domain.
Raise cyber awareness
Improve employee awareness of social engineering attacks by using in-house examples to highlight good and bad practice.
Challenge your organisation’s cyber security controls, such as firewall rules, to ensure they are effective at identifying the latest social engineering attacks.
Phishing and spear phishing are two of the most common attack methods used by criminals to gain access to and advance within a network. By creating emails and web pages that imitate those of well-known individuals and organisations, fraudsters aim to trick users into clicking links or attachments that install dangerous keystroke logging malware, or entering personal information into fake websites.
Redscan's phishing-as-a-service tests your employee’s awareness of phishing email scams and can be combined with a full-scope red team operation to assess response to a mock cyber event.
Voice phishing is used by attackers to glean sensitive information over the telephone. Redscan's vishing-as-a-service test employees’ susceptibility to divulge important personal and business details that can be used to compromise your organisation’s cyber security.
Physical cyber security controls should be regularly tested to assess whether they are capable of monitoring and restricting access to critical systems and preventing data exfiltration and introduction of viruses.
By attempting to physically infiltrate your organisation’s business premises, Redscan’s social engineering service assesses resilience to physical intruders and rogue devices that could be used to siphon critical information.
Redscan’s approach to social engineering mirrors the tactics, techniques and procedures (TTPs) of fraudsters in order to raise employee education and help harden defences against the latest criminal attack methods.
In-depth research and open-source intelligence gathering techniques seek to identify valuable company and personal information that can be used to improve the success of attacks.
Comprehensive planning to prepare the TTPs necessary to exploit identified individuals.
Execution of the plan by triggering the distribution of a phishing or vishing email campaign.
Reporting and debrief
Documentation of the findings of the simulated social engineering attack, with recommendations to improve technology and processes as well as employee education of cyber threats.
Under a black-box test, Redscan’s certified ethical hackers have no prior knowledge of your organisation’s environment. Reconnaissance is conducted to identify intelligence about employees and in-place security controls.
A white-box approach is used in instances where social engineering assessments are undertaken to target specific employees using pre-supplied email addresses. A white-box test can be used to best simulate insider threats.
What our customers say
"Our partnership with Redscan has been one of the most successful that we have ever undertaken"
IT Director, ICG
"Redscan gave us the professional service and quick turnaround that we needed to meet our tight deadlines."
IT Manager, WMBA
“We’ve established a successful partnership with Redscan – their market leading cyber security offering is strong and we’ve won some exciting projects together”
Services Director, avsnet
“I can offer a higher level of assurance at board level about our information security now. Redscan gives us a broader lens on a complex and changing environment.”
IT Director, ICG
"If you want a solution where someone will look after you 24/7 and give you a very flexible, professional and agile service – you want Redscan"
Lead IT Infrastructure Architect, Pizza Hut
Assess your resilience to social engineering attacks
Please fill out the form below and we will get back to you as soon as possible