Psicurity - Social Engineering

By: Psicurity  09-12-2011

Financial losses stemming from phishing attacks have risen to more than $2.8 billion in 2006.
— Gartner Research

Attackers who do not quickly compromise a network may use Social Engineering Techniques to simply ask for credentials. Some organizations have gone to great lengths to secure their network infrastructure. However, this does not protect against a socially persuasive attacker. Forged internal requests and other modes of deception often trick well-meaning employees into providing attackers with privileged login credentials.

Social engineering is one of the most over-looked and ignored vulnerabilities, because it is difficult to detect and prevent without enforcing rigorous policies and employee education.

Until an organization has experienced a social engineering attack, such threats are often minimized or completely ignored.

Psicurity performs Social Engineering Assessments that reveal the inherent threats to an organization’s “social firewall,” while providing a documented basis for new policies and employee education.

The information in this article was current at 06 Dec 2011

Contact Psicurity

Email - none provided

Print this page

Other products and services from Psicurity


wireless Network Vulnerability Assessment (wNVA

Psicurity’s Wireless Network Vulnerability Assessment uses the techniques of wireless attackers to determine the potential vulnerabilities of your wireless network. Despite the increased public awareness of wireless security risks, there has never been a greater need to enforce strong wireless security standards. Wireless attackers are often able to breach Wi-Fi networks located miles away from the comfort of their own car.


Psicurity - Web Applications

Web application vulnerabilities are easily overlooked by programmers who must view the same code each day, and often their job does not specifically require attention to such details. For customers who require the utmost in web application security, Psicurity provides Gray Box testing, which is a combination of external application testing and internal code review.


internal Network Vulnerability Assessment (iNVA

The lack of internal security management typically results in hundreds, if not thousands, of potential vulnerabilities, which require a concerted remediation effort by both management and technical staff. Psicurity's "exception reporting" methodology provides accurate and highly readable documentation, clearly identifying risks without excess technical detail.


Psicurity - Industry Compliance

One of the greatest challenges an at-risk organization must face is how to organize the people and processes necessary to continuously maintain compliance with industry best practices. Our unique approach to management consulting helps foster the organization-wide consensus necessary to implement an Information Security Management System, as prescribed by ISO.


external Network Vulnerability Assessment (eNVA

Psicurity’s external Network Vulnerability Assessment provides customers a picture of their network security from an external attackers perspective. Our "white hat" team of intrusion analysts examine externally networked systems "in the blind," and generate a Target Map of the network “attack surface.. Fulfills the requirement for regular penetration tests, as required by official compliance regulations, such as SOX.


Psicurity - Assessment Overview

Our documentation provides immediate summary material for management staff, including in-depth technical details, and a customized Solutions Guide to help your IT staff quickly and effectively mitigate risks. So many automated programs are searching for victims that computers can expect to survive only five minutes before being attacked, and will withstand the attacks only if they are configured securely.