A number of methods are available to test your staffs response to social engineering or phishing attacks. Call us to discuss your current situation and we will be able to advise on the best option for you.
To give you an idea what sort of thing is involved:
A phone call to one or more departments/individuals within the company. The end goal is to convince your employee to divulge information that may be useful to an attacker (usernames, passwords, multi-factor authorisation tokens, or other sensitive information)
We may send emails to your employees trying to convince recipients to click a link and enter their credentials.
Onsite assessments may involve attempting to gain entry to your company offices or other sensitive areas of operations.
All the above and more can be tested, using open source intelligence gathering to assist our efforts. You’ll be surprised how much useful data can be found online!