Social Engineering as a Service

Social Engineering as a Service

Companies constantly evolves their technical security capabilities to prevent cyber attacks. However, in the majority of cyber attacks adversaries go around these capabilities by targeting the aspect of a company where security is most neglected - the people. CEO frauds, phishing emails, pretexting calls and physical intrusions are on the rise and constantly in the news. Adversaries successfully employs social engineering tactics to steal intellectual property, personal information, and other sensitive data that can harm an organization’s competitive advantage and reputation.

Social Engineering as a service

TrueSec’s Awareness service is designed to change risky behavior and enable employees to report social engineering attacks.

On a regular basis, TrueSec’s experts will perform social engineering campaigns that include the common social engineering vectors:

  • Spear-phishing to high level executives (e.g. CEO fraud campaigns)
  • Phishing emails with the purpose of stealing login credentials
  • Malware (e.g. ransomware) delivered by e-mail
  • Spear-phishing personnel with high privileges
  • Drive-by attacks
  • Phone calls with the purpose of extracting sensitive information
  • Phone calls with the purpose of influencing the employee to perform an action (e.g. create an account)
  • Physical intrusions (e.g. to photograph sensitive data or plant a rouge device)

The test results are aggregated in a web based dashboard so you can follow your organization’s resilience to social engineering and see improvement over time.

A teachable moment

When employees enters credentials or executes “malware” delivered in a test, they will be presented with an education video about the dangers of social engineering. This gives the employee a valuable teachable moment.

Awareness insights over time

Get deep insights and follow your organization’s improvements over time in TrueSec’s Awareness Dashboard. See how many employees clicked dangerous links, leaked their credentials, downloaded malware, executed malware or reported the attack.

All statistics are anonymized yet gives you the possibility to follow improvement and see results by department and role.

Standardize reporting of phishing

Many times, when an employee suspect phishing they are not aware of the proper reaction. Should they escalate, warn their colleuges, delete or mark as spam? Truesec Phishing Informant is a plugin to the Outlook mail client that is simple to use and allows your employees to report any suspicious mails with a single click. Phishing reports can then be centrally analyzed and correlated. To get expert analysis, the plugin can be integrated with Truesec’s Security Operations Center (SOC).

The service is available on a monthly subscription. Contact us for a quote!

Haven't found what you are looking for?

Our team of experts loves questions.

Contact us

Cookie Information
We use cookies for this website to work properly for you. By continue to navigate this website, you agree to this. Read more about cookies here and our Privacy Policies here. 

Subscribe to our mailing list!



Email address:


I have read and agree to the terms & conditions

You can change your mind at any time by clicking the unsubscribe link in the footer of any email you receive from us, or by contacting us at info@truesec.com. We will treat your information with respect. For more information about our privacy practices please visit our website. By clicking below, you agree that we may process your information in accordance with these terms. We use Mailchimp as our marketing platform. By clicking below to subscribe, you acknowledge that your information will be transferred to Mailchimp for processing. Learn more about Mailchimp's privacy practices here.