Vishing Awareness Pentest: Attack simulation to raise awareness of the status quo
In our Vishing Awareness Pentests, we try to obtain different information from your staff via phone. For this purpose we pretend to be employees or customers.
You as a customer can set priorities according to your needs and your industry. Either you decide on a blackbox-pentest, a plain attack simulation or you order a whitebox-pentest. In this case, we test a specific scenario for you. For example, you give us the order to change master data or to find out product names.
After the fake calls, we summarize what information was obtained. In addition, we record in a reporting what an attacker could have done with the information obtained. From this we derive concrete recommendations for actions for your staff.
Vishing Awareness Training: We wake up your staff
Our customers can book targeted vishing calls as a package. Then, for example, we make 50 calls in a certain period of time. In most scenarios, we pretend to be colleagues and ask for sensitive but internal information, such as the phone number of the administrator.
After we have received the desired information on such a call, our caller identifies himself as a communication trainer and starts a training session lasting about 15-20 minutes. Just in the right moment, because now we have the attention of the called person.
During the telephone training we go into the most important topics. The focus is on knowledge transfer, but also on dialogue with the caller and the creation of a sustainable security culture.
What is the goal of our Vishing Awareness Training?
The vishing training is not about gaining hard information. For this purpose, pentests are the right choice. Vishing training is purely an awareness measure. It is a training that sensitizes the staff to the danger of vishing calls. This ”Hello Wake Up Effect” is target-oriented, because the participants:inside listen actively and have a good feeling when they leave the call. All results are summarized anonymously as statistics in the reporting to protect your data. In this way, we ensure that no employees are discredited.
In addition to our e-trainings, the vishing training is another proven tool within our security awareness measures, which can also be ordered independently. Would you like to learn more about our vishing pentests? Then contact us now.