Phone Phishing

Vishing, also known as voice phishing or telephone hacking, is a rapidly growing form of social engineering. It involves hackers calling your employees to get as much data as possible from them over the phone. And it's amazing how much confidential and company-specific information one shares with strangers in one short conversation...

During our "Mystery Call" service (ethical) hackers call incognito to your employees to test them.

How do we proceed?

With your approval, we will call your employees during working hours. We pretend to be an internal or external employee (e.g. someone from the IT Service Desk or an employee from an External Helpdesk) who needs extra information to perform a task. During a short conversation, we try to obtain as much confidential and company-specific information as possible from the person with whom we are calling. This can range from passwords, pin codes or cell phone numbers of board members to specific file information. We carefully map out all the security risks that arise from the conversations.

From experience, we can state that customer service, sales and HR departments are the most vulnerable to such attacks without a proper training and awareness programme.

After the discussions, we schedule a debriefing call for extensive reporting. This way, you know exactly which gaps in corporate security or awareness you need to address.

Why?

Because you want to know how resistant your employees are to hackers who call them or because you want to know whether the training courses given are actually being applied (as they should be)... Just test it.

 

You can also use our report as a reference to increase your employees' security awareness.