Posts

, ,

Social Engineering Awareness Program Part 4: Clicking the Phish

It is inevitable that at some point, someone will fall victim to a social engineering attack. This could be via clicking the phish, letting an unauthorized person in, or succumbing to a phone scam. Integrating with your Incident Response plan (if you have one; otherwise read my next series) is vital. Read more

,

Social Engineering Awareness Program: PART 1

Building the Culture to Support a Social Engineering Awareness Program

Today, companies are investing more than ever before on protecting their IT infrastructure. As a response, hackers and, in turn, penetration testers are using a different vector to gain access to enterprises: the human element. Humans can be exploited using a variety of methods collectively known as social engineering. This broad category includes phishing, spear phishing, whaling, vishing, smishing, pretexting, dumpster diving, and tail gating. Read more