Phishing by phone research
Are employees manipulable? Phishing by phone, also known as vishing or voice phishing, is used to run targeted attacks on organisations. It can also be used as preparation for a future attack, for example by acquiring specific information to use in a spear phishing attack. To what extent are employees within your organisation manipulable to provide information?
The phishing by phone research maps the strength or vulnerability of the organisation and employees when they are approached by the researcher with the question to provide confidential (personal) data. This includes client data or login information. The researcher can assume multiple roles. Usually, we pretend to be an IT employee of an organisation, a worker from home, or a client’s family member. The exact method is determined together with the client. By using criminals’ methods and tricks, the researcher attempts to win the employee’s trust and acquire information.
The method in which various employees or departments are approached is determined together with you. Our default call scripts have proven to be very effective. Would you prefer a different approach? We are happy to set up a method script with you.
The findings and advice are anonymised and worked into an extensive report. Phone conversations can be recorded and edited in a gripping way. The results of the research are an eye opener for many managers and employees, because people are often unaware that this method is often and successfully used by criminals.
The research looks for contact with employees via phone to analyse whether employees provide information about co-workers, clients or login details. Including reports.
Setup plus calling for half a day €1.195,-
Extra half day of calling €500,-
Social engineering abuses human traits to acquire confidential information.
Gain insight into vulnerabilities with a mystery guest and/or a USB drop.