This website uses cookies. View our cookie policy
United Kingdom
Select regional store:

  Social engineering penetration testing

With testing and training, IT Governance can help keep your staff on top of existing and newly found phishing threats


Phishing is a serious threat to business

Phishing is one of the oldest ‘hacking’ methods used by cyber criminals. According to Verizon’s DBIR 2016 report, some 30% of phishing emails are opened by targets. Phishing works well because it tricks people into divulging sensitive information that can compromise their security. Moreover, successful phishing attacks deliver an enormous return on investment, which has motivated criminals to create increasingly sophisticated and creative phishing ‘lures’.


Most common types of attack

A comprehensive plan to combat phishing must start by educating employees about the role they play in your organisation’s information security posture. The most common types of attack include:


Can you spot the threat?


Use simulated phishing emails to assess your risks

A Simulated Phishing Attack aims to establish whether your employees are vulnerable to phishing emails, so you can take immediate action to improve your cyber security. This service gives you an independent assessment of employee susceptibility to phishing attacks and provides a benchmark for your security awareness campaigns.

Our team of penetration testers will come up with a range of phishing scenarios. We use various techniques, but they generally involve sending an email to random or, in some cases, specifically nominated personnel. The email asks the target to take certain actions that will result in them revealing sensitive information such as usernames and passwords.

The responses and any information contained within will be intercepted and assessed, and the users will be redirected to prevent suspicion.

After completing the simulation, the results of the test can be shared with employees. As part of this feedback, IT Governance has developed an e-learning module to help your staff understand how phishing attacks work, the tactics that cyber criminals employ to lure inattentive users, and how to spot and avoid a phishing campaign.


Minimise the threat of phishing attacks

The powerful combination of IT Governance’s Simulated Phishing Attack and Phishing Staff Awareness Course will help you reduce your phishing exposure by assessing your staff’s vulnerability to phishing attacks.