Schellman’s Social Engineering Methodology
Phishing, Smishing, Vishing Methodology: These services examine your employees' responses to unsolicited messaging, which could result in unauthorized access to your sensitive data. We’ll begin with passive reconnaissance to generate a list of targets in your organization. From there, an agreed-upon pretext is designed and executed, after which the results will be documented, verified, and assembled into a report.
Physical Breach Methodology: During this test, we’ll attempt to physically enter your facility as an external attacker, but that will take time and preparation. We’ll begin with passive and active information gathering regarding your environment through methods including, but not limited to Internet research, site observation, and wireless reconnaissance. Using the information we discover, we’ll craft scenarios for social engineering, determine where entry points are, identify internal security mechanisms, and acquire the necessary equipment. When the time arrives, we’ll attempt to gain access to the target location via the designed pretexts, unsecured points of entry, or other non-destructive means of entry before providing you with a deliverable that walks through each aspect of the project.