The attackers are attacking people, employees or associates of the organization with the aim to:
- Get (protected) information,
- Persuade employees to do something that will endanger the safety of the system.
This is done by exploiting the human’s:
- Willingness to help (a man in distress)
- Fear of technology,
- Shame of their own ignorance,
- Respect for authority.
They use methods of fraud, seduction, flattery, etc. The degree of endangerment of employees is reviewed trough different methods of provocation and trough bait planting as it would do real attackers.
The result of this test is a statistical assessment of employees and organization’s endangerment and recommendations for specific programs for raising consciousness and education of employees.
Please feel free to check the price for our human resources penetration testing services using our Penetration testing calculator!