Do you want to know whether sensitive information within your organisation is safeguarded? With our telephone phishing research, we can find out for you.

Telephone phishing is a form of social engineering in which an attacker attempts to manipulate a person over the telephone. The attacker’s goal is to obtain confidential information or to have actions performed.

Emploware can carry out telephone phishing at your organisation with the aim of obtaining confidential information. This can vary from login data or personal data to any information that is important to your company.

During our investigation, we will approach your organisation by telephone and our employee will pretend to be, for example, an ICT employee or a relation of your company. We can link various techniques to increase the success rate. You can think of research on social media or information from the management.

The term telephone phishing is also known as ‘vishing‘, which stands for voice phishing. It is a form of social engineering that is particularly effective because, as humans, we are usually naturally inclined to help. In addition, many employees are unaware of the dangers the organisation faces.

Phone phishing at companies

Vishing occurs regularly at companies. In 2020, the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) issued a warning notice about the increase in vishing attacks. This is mainly due to the growth of home workers. Many home workers do not have adequate security, and communication with the office is not always optimal. This offers opportunities for attackers to obtain sensitive information and perhaps even access to the company’ system.

What to do after a vishing campaign?

For all our clients we advise educating their employees through cybersecurity awareness training. Security awareness is a continuous process. Your organisation is only as strong as its weakest link and in cyber security, the weakest link is often the people within the organisation.

Most of our clients combine the training with a phishing simulation. For more questions on the best approach, we advise you to contact us.