Phishing & Social Engineering

An efficient defence combining people and technology

Despite phishing filters, phishing e-mails regularly reach your employees. One wrong click by an employee can grant access to your server or transmit sensitive data, which is why your employees are particularly popular gateways. However, we do not focus exclusively on people, but on technical and physical vulnerabilities too and the resulting combinations.

Selected references on the subject

Our Services

Request offer

  • E-Mail Phishing

    With our phishing tests, you can see where your employees stand and raise their awareness of your company's security at the same time.

    • How many e-mails were opened?
    • How often was a malicious link in the e-mail clicked?
    • Were attachments opened?
    • Were data (e.g. passwords) transmitted?

    Derived from this, we develop organisational and technical measures with you to raise your employees' awareness. The tests are also a good basis for an awareness campaign.

    We develop a suitable phishing scenario with you or provide a selection.

  • Awareness Campaign & E-Learning

    In cooperation with you, we create an security awareness campaign that creatively and sustainably makes your employees aware of company security. To do this, we use a wide variety of tools:

    • Face-to-face training
    • E-learning including quiz and direct solutions
    • Security workshops
    • Security videos (OWASP)
    • Little security pocket book, guides and behaviour checklists
    • Reminder for employees: Flyers, posters and screensavers

    Read more about awareness campaigns here.

  • Voice Phishing

    For example, by impersonating your company's IT staff on the phone, Redguard experts attempt to involve your employees in an attack. The goal may, for example, be access to raise awarenes of information or the execution of malicious software.

    The insights gained enable a sound risk assessment and at the same time serve as a basis for internal awareness campaigns or are part of an attack simulation.

  • Social Engineering

    For example, using a false ID or a pretext, Redguard experts test your employees to see if they can gain access to physical rooms.

    Depending on the scope, we check which vulnerabilities can also be exploited after access, such as access to systems. We deliberately combine technical, physical and human vulnerabilities, as this is the popular strategy of successful attackers. In addition to the usual report, we can also capture and process the operations on video.

This is what your phishing scenario could look like

1. Employees receive an e-mail, supposedly from internal IT, with a plausible reason why they should log in to a platform via a link.

2. After a supposed login, employees are redirected to an error message and are asked to try again later.

3. However, their login data was actually transmitted to the attackers, as the login mask was forged. Phishing attacks of this kind are often not detected, or are only detected after the event.

This is why you benefit from phishing tests

  • Your company is provided with suitable, realistic scenarios for the phishing simulation
  • The tests are holistic and concern employees, infrastructure and processes
  • Your internal processes are tested in the event of an incident
  • You have recommendations for eliminating your relevant risks
  • You use the results as a basis for internal security awareness campaigns

Phishing attacks are successful more often than you think - and can cause significant damage to your business. Do you want to protect yourself? Ask for a consultation and find out what makes sense for your company. We look forward to hearing from you.