Social Engineering

Do you know where your weakest link is?

Social Engineering
Scams
Spear Phishing

Spear phishing is a highly-targeted form of attack. Spear phishers use carefully crafted emails alongside social engineering tactics to convince individuals to both open and engage with the email.

Consumer Phishing

Consumer phishing is a type of attack in which a criminal sends a deceptive email that appears to come from a respected brand. This is usually done in order to gain individual account credentials.

Data Breach

Data breaches are frequently the result of intrusions caused by credential theft or the installation of malware. This is in turn fueled by social engineering and identify deception techniques.

Ransomware

Ransomware is a form of malware that infects the computers of its victims. From there, content is encrypted, and the victim is required to pay a ransom in order to regain access to their content.

Email Compromise

Email compromisation, or Business Email Compromise (BEC), is a sophisticated email attack in which a criminal sends a victim’s emails to an organization’s employees. It’s also known as CEO fraud.

Social Engineering

A Cybersecurity Must Have

The #1 cybersecurity threat for businesses is social engineering attacks. These types of attacks will be at the top for a long time to come.

Social engineering attacks, which rely on human interaction and fraudulent behavior to trick people, are the driving force behind spear phishing, email compromises, and ransomware.

We view social engineering campaigns as a must-have service for every business and organization. And it’s why we offer social engineering assessments for:

  • email phishing,
  • telephone/text,
  • and onsite/social pretexting.
of Breaches Involved Social Attacks
22%
Involved Internal Actors
30%
The Human Factor in IT Security

Employee actions lead to cybersecurity incidents. Although traditional cybersecurity attacks leverage technology-based system vulnerabilities, such as misconfigurations and software bugs, social engineering attacks take advantage of human nature and the inherit vulnerabilities in people.

Unethical Hackers use deception in order to trick targeted victims into performing acts that are harmful to a company’s network.

At MainNerve, we make the social engineering process painless and simple. Our team has conducted (and successfully delivered) numerous social engineering assessments for businesses of all sizes and types… and we can help you protect your company from the insider threat (your employees).

Involved Phishing
22%
Involved Use of Stolen Credentials
37%
The Next Big Threat

A social engineering campaign can be used as a one-time method of assessing the effectiveness of a security awareness training, or to support new and current training programs. Using the latest intelligence on social engineering techniques, a social engineering test can evaluate employees against general phishing and “spear-phishing” attacks that are intended to exploit trust and lack of security awareness.

Deploys a distinct simulated phishing email to test whether employees click on malicious links that they should not. It is a single test where no exploitation occurs, but only collects general information on the effectiveness of the attack and the employee’s response.

Tests user security awareness by manipulating individuals in your organization to perform unsafe actions or provide sensitive information over email. The content used in these scenarios ranges from generic, spam-like messages to client-specific emails that are designed to appear to originate from internal users, third-party service providers, or clients.

MainNerve offers two options for gathering information.  We recommend that the names and email addresses of the intended recipients during the social engineering test be provided beforehand. If such a list is not provided, where MainNerve must search or otherwise build a list through manual research, additional costs will be incurred.

A list of email addresses of the employees targeted, are provided by the customer.  Additionally, the customer may provide information that can help with the targeting, such s programs used or companies they work with. This type of social engineering test represents the simpler and quicker method as research is not required in order to build a list.

A list of employees email addresses is not provided to MainNerve, resulting in a lot of manual research on our part. Research includes employing tools and techniques for harvesting names and email address from open source directories, social media sites, and customer web sites. This extra research will incur additional costs.

Looking for a First-Class
Cybersecurity Expert?
Understand the risk posed to you, and your customers, by the vulnerabilities present in your network.
Consider These
Value-Add Services
Network Penetration Testing

Network penetration testing assists with the identification and examination of vulnerabilities for external, Internet-facing and internal, intranet systems. A network pen test will help determine whether an attack can exploit and compromise targeted systems. Take the next step to improving your business’ security with a network pen test.

Web App Penetration Testing

Web application penetration testing is designed to assess and test the state of your web-facing applications, and provide actionable remediation recommendations for enhancing your security. Ensure that your web applications are protected from malicious cyber threat actors. MainNerve web app pen tests are designed to review all types of web servers.

Compliance Solutions

MainNerve’s compliance solutions are designed to help fill one of the biggest challenges for businesses: staying in alignment with the exhaustive list of Governance, Risk Management, and Compliance (GRC) requirements. From PCI DSS and HIPAA, to CJIS and FINRA, MainNerve can help your business navigate the GRC landscape with specialized penetration tests.

Customers & Partners that Trust MainNerve

What Our Clients Say

In 12 years of tests, you are the first company that found anything higher than a low risk. Phone and cameras were never discovered in the test, let alone accessed. Great to always get a different perspective from a test.

CIO
Investment Management Company

MainNerve provided an extremely fast turn around when speed was our biggest factor. The project went smoothly and I would highly recommend them!

CEO
Software
Our local partner that normally provides us with vulnerability and penetration testing was unable to help us this year. We were lucky enough to find MainNerve as a solution to our problem. MainNerve was very responsive to us and worked under a very tight timeframe to perform vulnerability and penetration testing for us and help us out of a tough situation. They went above and beyond. They provided us with some additional guidance in other security areas as well. We will continue to use MainNerve each year now for our security testing needs. We are glad we found them.
Vice President
Actuarial Firm

I would highly recommend MainNerve for all of your network system testing needs. From my initial contact, all the way through the end of the services I received, everyone I encountered was courteous, professional, knowledgeable, patient, and very helpful. As a small business owner, who’s business was shut down as a result of the Covid-19 pandemic, MainNerve’s service fees were extremely reasonable making it affordable to ensure my network is secure from hackers. I will definitely be a repeat customer!! Thanks MainNerve!!

Owner
Dental Office

Sheena was great in guiding us though what was a new process for us. A client had asked us for a third party penn test report and she was very helpful in helping us choose the correct product and in determining the scope.

Software Engineer
IT/ Saas

I was quite pleasantly surprised by the engagement. I think the thing I liked best about it was that everyone at MainNerve really took the time to listen and understand what we did, why we were doing it, and our business goals. It gave us confidence that we were in the right hands.

Principal
Technology Company

This is my second encounter with MainNerve and my experience this time was even better, which is impressive considering my first encounter was great. I definitely recommend their services for your testing needs.

Owner
Dental Office

Always nice to have a dependable vendor that is fully committed and reasonably priced.

President
Insurance Administrator

We value our professional relationship with MainNerve. Their employees are friendly and extremely responsive. They always take care of our clients as if they were their own, while maintaining the penetration and social engineering testing. We couldn’t ask for a better Cybersecurity partner.

Don B.
MainNerve Partner & CEO of FrontierIT
We love working with MainNerve.  They are prompt in responding to our requests and help us get pen tests set up for our clients quickly.
Co-Founder
MainNerve Partner-MSP

This is a very well written report! Very impressive!

Managing Partner
Data Warehouse Platform Company

The report looks great!

Network Administrator
Enterprise Administration Software Company

References available upon request.