Do employees know they're being tested?

No, that's the point. We simulate real attacks. We only tell them afterwards, with immediate learning moments for those who fall for it. This gives the most realistic view of your vulnerability.

What happens if someone clicks?

They land on a safe page explaining it was a test and what the warning signs were. No real damage, but a valuable learning moment. We track who clicked, who submitted credentials, and response times.

How do you handle sensitive data?

Everything we collect (clicks, login attempts) is treated confidentially and only shared with your security team. Data is deleted after reporting. We comply with GDPR requirements.

Can this be combined with training?

Absolutely. In fact, that's most effective: first test, then train based on weak spots, then retest to measure improvement. Many clients combine social engineering testing with our security awareness training program.

Offensive Security

Social Engineering

In-depth and realistic. Our social engineers simulate real attacks, test human behaviour and decision-making, and expose weaknesses where context, pressure, and deception truly make the difference in practice.

Request Assessment Security Awareness Training

Social Simulation, Live

SE-284-X...

ACTIVE ATTACK VECTOR

Credential HarvestingPHASE 2/4

1,240

EMAILS SENT

18.4%

CLICK RATE

COMPROMISED

Target Sales Dept

Active Monitoring

[14:22:08]Payload triggered on workstation ws-002

[14:24:12]Lateral movement simulation initiated

A CRITICAL FINDINGS

RISK LEVEL

What we test

Phishing

Fake emails that test if employees recognize fraudulent messages and suspicious links.

More Information

Vishing

Phone calls where we try to deceive employees and extract sensitive information.

More Information

Smishing

Fake text messages via SMS that test if your team is alert on mobile too.

More Information

Mystery Guest

Our experts attempt to gain physical access without an access pass, testing your reception and security.

More Information

USB Drop

We deliberately "drop" USB drives and see who plugs them in. Test your employees' curiosity.

More Information

Executive Threat Analysis

Specific social engineering attacks on executives are the most valuable targets for hackers.

More Information

What you receive

Who clicked, submitted credentials, and response times

Which teams score well and which are at risk

Awareness level per employee

Concrete actions to train vulnerable groups

Your score versus industry average

Combine with Pentesting Try Swishing

campaign_results.json

Emails Sent2,547

Open Rate68.4%

Click Rate23.1%

Credential Submission8.7%

High

Risk Level

Best Dept

Sales

Needs Focus

Frequently asked questions

How it works

Reconnaissance

We gather information about your organization and employee, exactly as a real attacker would.

Campaign design

We create scenarios tailored to your industry, current threats, and organizational structure.

Controlled execution

Attacks are launched in waves with real-time monitoring and safety measures.

Analysis and reporting

Comprehensive results with concrete improvement points and action plan.

Ready to test your human firewall?

Discover how vulnerable your organisation is to social engineering.

Start Assessment View All Services