Financial losses stemming from phishing attacks have risen to more than $2.8 billion in 2006.
— Gartner Research
Attackers who do not quickly compromise a network may use Social Engineering Techniques to simply ask for credentials. Some organizations have gone to great lengths to secure their network infrastructure. However, this does not protect against a socially persuasive attacker. Forged internal requests and other modes of deception often trick well-meaning employees into providing attackers with privileged login credentials.
Social engineering is one of the most over-looked and ignored vulnerabilities, because it is difficult to detect and prevent without enforcing rigorous policies and employee education.
Until an organization has experienced a social engineering attack, such threats are often minimized or completely ignored.
Psicurity performs Social Engineering Assessments that reveal the inherent threats to an organization’s “social firewall,” while providing a documented basis for new policies and employee education.