Social engineering is one of the most common attack methods used by criminals to trick employees into downloading malware, opening a door to a company’s headquarters, and other actions that pave the way for a compromise. Whether it’s through email, phone or physical break-ins, attackers develop realistic pretexts to achieve their objectives.
In more than 100 physical ruses X-Force® Red social engineering experts have executed against organizations, they were only stopped once. More than half of employees plug in USB drives planted by X-Force Red during engagements, and about 30% of employees click on the team’s custom-crafted links in phishing emails.
Just one of those mishaps can enable an attacker to compromise an organization, which is why it is critical for organizations to reduce the risk of a real attack succeeding.