social engineering

Social Engineering & Phishing Services

At Tarlogic we help our customers to protect themselves against social engineering attacks through fully customized simulations according to their requirements.

Contact
social engineering attacks

Social engineering objectives

One of the techniques most commonly used by cybercriminals to obtain initial access to internal company systems is through social engineering. This is because it is often easier, cheaper and faster to find a user vulnerable to these attacks than an exploitable vulnerability in the infrastructure. The results of these attacks are very often seen in the media as Ransomware infections, cyber scams, CEO fraud, etc. Tarlogic's social engineering services simulate fully customized attacks with the goal of improving our customer´s capabilities against these types of attacks.

Social engineering benefits

At Tarlogic we help our customers to improve their security against this type of attack. Our social engineering services use two approaches:

  • Awareness

    Through social engineering attacks with the objective of helping users to detect and manage in the right way this type of attacks. The methodology defined by Tarlogic employs the same attack vectors used by cybercriminals, and once a successful attack has been achieved, an impact awareness message is provided, to provoke a reaction to help to learn from mistakes and prevent them from happening again.

  • Assessment

    Used to evaluate a company's level of maturity against social engineering attacks and thus define the level of risk. This type of testing is beneficial when deciding to implement new measures or to evaluate the results of previous campaigns.

social engineering services

General description about social engineering services

Tarlogic's social engineering services may employ different attack vectors:

  • Phishing

    Evaluates the willingness of users to be victims of phishing campaigns. Through this type of campaign, metrics are obtained on user behavior in terms of opening malicious emails, clicking on links, downloading dangerous content or providing credentials.

  • Vishing

    One of the most effective methods to obtain information is to ask for it. Vishing tests the maturity of users in terms of providing confidential information to strangers or to someone claiming to be trustworthy through a phone call.

  • Smishing

    In recent years, cybercriminals are using social engineering techniques based on mobile devices. Users are more likely to follow a link received by SMS or through another messaging app (e.g. WhatsApp), considering them secure means.

  • Spear phishing

    Aimed at specific targets within the company such as departments handling sensitive information or managers. A specific campaign is defined that could use mixed techniques: for example, phishing and vishing at the same time.