Phishing Assessment FAQs
Phishing is a type of online scam that involves a large-scale release of email and other electronic communications designed to trick users into revealing sensitive information such as credit card information and account passwords, by impersonating legitimate organisations or people.
Social engineering is a malicious manipulation technique that exploits human error to gain access to private data by luring unsuspecting users into disclosing data, giving access to restricted systems or spreading malware infections.
It only takes one user to fall prey to a phishing scam for a threat actor to gain a foothold in your organisation. The wide availability of phishing tools on the internet has enabled hackers with even a low level of skill to conduct successful attacks.
Anti-phishing is a collective term used to describe the security measures that individuals and organisations can take to prevent a phishing attack, as well as mitigate the impact of a successful attack.
Penetration tests such as a phishing test should be conducted by an external provider like Gridware to ensure that there is no bias in the testing and that it is run independently by technical experts who are familiar with the latest developments in exploits and both international and industry standards.