What is social engineering?

All of us have heard about cyber-attacks in which you are lured into performing specific actions such as providing a password or clicking on malicious links. Such deceptive attacks fall under Social Engineering. While phishing emails are the most common form of social engineering attacks, other forms of such attack – phone calls, text messages, social media, or, in some cases, physical interactions – are possible too. A deception technique such attacks employ is including personified information. When one sees one’s name or any other personal information in a social engineering attack, they are more likely to fall into the trap. This requires a bit of research which is a critical difference between simple automated phishing tools and professional social engineering.

Several major cyberattacks in the recent past have involved sophisticated social engineering mechanisms. Targeted spear phishing engagements and Vishing support calls, to name a few techniques, have been used by hackers to dupe employees and gain unauthorized access. Social engineering assessment will help you:

  • Assess risk from social engineering attacks
  • Be proactive and train users against such attacks
  • Prioritize security training for employees
  • Raise awareness of social engineering among employees

At Intellisec Solutions, we follow a structured process for social engineering assessments. The major steps in such assessments are as follows.

What We Offer?

Phishing Assessment

Intellisec Solutions’s phishing engagements go far beyond the automated tools found in many comparison services. We not only provide highly targeted, sophisticated scenarios for each client, but also research both the client organization and its employees to create sophisticated campaigns that ensure the best assessment of your organization.

Vishing (Voice Call) Assessments

These are attacks over voice phone calls in which users are coaxed into performing an unauthorized action, such as providing sensitive information or downloading an untrusted file. A common scenario is impersonating IT personnel to obtain passwords of employees or convincing them to install malicious software. Although less common, vishing is an effective attacking method if an immediate, personal connection with the target users can be established.

On-Site Assessments

While less frequent than email or phone social engineering, attacks via personal interactions are possible. Intellisec Solutions’s security team can help you assess such risks by identifying potential threats and protections you put in place to lower your exposure. Some common methods reviewed include ‘baiting’ the area with infected USB drives, tailgating employees through locked doors, and creating fake company badges to gain access to sensitive areas.


We work with wide organizations across a range of industries.

Rectangle 27


Rectangle 27


Rectangle 27


Rectangle 27


Rectangle 27


Rectangle 27