Phone Phishing Assessment: Determining Alertness – Raising Employees’ Awareness

Phishing – Simulating the Attacker on the Phone

With targeted calls to individual employees under false pretenses, we attempt to achieve certain goals agreed on in advance with the customer. Possible goals are:

  • Finding out passwords or properties of passwords (length, complexity)
  • Uncovering non-public details about the company (e.g. actual IT security measures)
  • Executing malicious code (in reality, for instance, ransomware)

No mistakes made by particular individuals are revealed. In fact, SySS will carry out the attack in the most anonymized way possible and provide results in the form of a quantitative, statistical evaluation of the attack outcome. The results are anonymized and documented in a management-ready report.

Lessons Learned

From a phone phishing assessment, you can expect the following results:

  • Statistics relating to the current awareness of employees
  • Enhanced awareness of employees
  • Verification of processes

You are interested in phone phishing?

Steffen Stepper
steffen.stepper(at)syss.de
redteam(at)syss.de
+49 (0)7071 - 40 78 56-6157
PGP Key

Project Scope

Phone phishing assessments are carried out in the course of one or two weeks and usually involve the following project phases:

  • Kickoff
  • Registration of domains
  • Design of a supporting phishing website
  • Review phase
  • Calling individual employees
  • Evaluation of the results
  • Documentation

Red Teaming Without Social Engineering

red teaming assessment would ordinarily include social engineering attack vectors. However, these are often very difficult to implement due to internal policies and the organizational culture. For this reason, SySS also offers the capability to conduct a red teaming assessment from a purely technical point of view.

 

DO NOT HESITATE TO GET IN TOUCH +49 (0)7071 - 40 78 56-0 or anfrage@syss.de | OUTSIDE REGULAR OFFICE Hours CALL +49 (0)7071 - 40 78 56-99

As a framework contract customer please dial the provided on-call service number

DO NOT HESITATE TO GET IN TOUCH +49 (0)7071 - 40 78 56-0 or anfrage@syss.de

OUTSIDE REGULAR OFFICE Hours CALL +49 (0)7071 - 40 78 56-99

As a framework contract customer please dial the provided on-call service number

GET IN TOUCH

+49 (0)7071 - 40 78 56-0 or anfrage@syss.de

OUTSIDE REGULAR OFFICE Hours

+49 (0)7071 - 40 78 56-99

As a framework contract customer please dial the provided on-call service number