All Resources
Social Engineering
Identify and minimize company risk related to the people, policies, processes, and technical controls of real-time phishing & social engineering attacks.
There were more than 4.7 million phishing attacks in 2022, growing over 150% per year since 2019 according to APWG.
NetSPI’s Social Engineering focuses on email, text message, phone-based, and physical scenarios used by real-world adversaries to target key business goals, delivering actionable information to improve security.
Email & Text Message Testing (Phishing):
Determine employee awareness levels, identify training opportunities, and discover procedural gaps through customized phishing messages designed to persuade employees into giving up sensitive information, or test email and spam filter configurations to improve technical controls.
- Security Awareness
- Account Takeover
- Spearphishing Campaign
Phone-Based Testing (Vishing):
Following an audit-based or open-ended approach, identify and minimize risk as it relates to real-time phone-based attacks designed to gain sensitive information from employees based on publicly available information, allowing you to reduce the impact of real-world attacks.
- Policy Check
- Capture The Flag
Physical & On-Site Social Engineering Assessment:
An on-site analysis of your physical security controls and related policies is completed, and key personnel are interviewed to discover potential weaknesses or gaps that could allow unauthorized access to restricted areas or sensitive data.
- On-Site Social Engineering Assessment
- Physical Security Controls Assessment
- Full On-Site Pentest