Skip to content
VigilGuard Logo VigilGuard
Contact Us
EASM Platform VendorGuard ITRM Platform

Social Engineering

Social Engineering

Section titled “Social Engineering”

5 automated security scanners

Pretexting Vulnerability

Section titled “Pretexting Vulnerability”

Purpose: The Pretexting Vulnerability Scanner is designed to identify susceptibility to false identity attacks and process bypass attempts by analyzing company security documentation, public policies, trust center information, and compliance certifications. This helps in assessing how well an organization can defend against social engineering tactics that exploit human behavior.

What It Detects:

  • Security Policy Indicators: Checks for the presence of key security policy terms such as “security policy,” “incident response,” “data protection,” and “access control.”
  • Maturity Indicators: Identifies compliance certifications like SOC 2, ISO 27001, penetration testing, and vulnerability assessments.
  • Trust Center Information: Evaluates the content of trust center pages for security-related disclosures and transparency measures.
  • Public Policy Pages: Analyzes public policy documents for adherence to best practices in security and compliance.
  • Process Bypass Vulnerabilities: Detects potential weaknesses in processes that could be exploited through pretexting, such as inadequate verification procedures or overly trusting workflows.

Inputs Required:

  • domain (string): Primary domain to analyze (e.g., acme.com)
  • company_name (string): Company name for statement searching (e.g., “Acme Corporation”)

Business Impact: This scanner is crucial as it helps organizations understand their susceptibility to social engineering attacks, which can lead to significant security breaches and loss of sensitive information. By identifying these vulnerabilities early, organizations can implement preventive measures to safeguard against such threats effectively.

Risk Levels:

  • Critical: The scanner identifies critical conditions where the organization’s security is severely compromised or lacks any form of protection.
  • High: High severity findings indicate significant risks that could lead to substantial data breaches if not addressed promptly.
  • Medium: Medium severity issues require immediate attention but do not pose an imminent threat to large amounts of sensitive information.
  • Low: Low severity findings are generally informational and may suggest minor improvements in security practices without critical consequences.
  • Info: These are purely informative and provide general insights into the organization’s security posture that might be useful for ongoing monitoring.

Example Findings:

  1. The company lacks a comprehensive security policy document, which could lead to inadequate protection against potential cyber threats.
  2. The trust center page does not disclose any information about recent data breaches or compliance certifications, indicating poor transparency and potentially exposing the organization to higher risks.

Messaging Attacks

Section titled “Messaging Attacks”

Purpose: The Messaging_Attacks Scanner is designed to detect smishing and messaging app phishing attempts by analyzing company documentation, including public policy pages, trust center information, and compliance certifications. Its purpose is to ensure robust protection against social engineering tactics that could lead to compromised security policies and data breaches through messaging applications.

What It Detects:

  • Smishing Indicators: The scanner identifies patterns related to SMS-based phishing attacks and suspicious links or phone numbers within message content.
  • Messaging App Phishing Indicators: It recognizes attempts targeting popular messaging apps like WhatsApp and Telegram, focusing on deceptive messages designed to extract sensitive information from users.
  • Security Policy Compliance: The scanner verifies the presence of comprehensive security policies and incident response plans that address social engineering risks.
  • Data Protection Measures: It evaluates data protection policies for vulnerabilities in access control measures that could be exploited by attackers.
  • Compliance Certifications: The scanner identifies compliance with certifications such as SOC 2, ISO 27001, and penetration testing results, ensuring adherence to security standards.

Inputs Required:

  • domain (string): Primary domain to analyze (e.g., acme.com) - This input is crucial for the scanner to gather information from the specified company website.
  • company_name (string): Company name for statement searching (e.g., “Acme Corporation”) - Used to search and retrieve relevant security documentation and policies related to the named company.

Business Impact: Addressing smishing and messaging app phishing is essential for maintaining trust in digital communications and protecting sensitive information from unauthorized access. This not only safeguards user data but also mitigates potential legal and financial risks associated with data breaches.

Risk Levels:

  • Critical: The scanner identifies conditions where critical risk exists, such as the absence of detailed security policies or certifications that are crucial for high-level security standards.
  • High: High-risk findings include incomplete or poorly defined security measures in public policy pages and trust center information.
  • Medium: Medium-risk findings pertain to gaps in data protection policies and lack of mention of compliance certifications within the company’s documentation.
  • Low: Low-risk findings are those that involve minor issues such as outdated language in security statements or missing references to specific compliance standards.
  • Info: Informational findings include mentions of ongoing penetration testing results or updates to data protection measures, which provide a baseline for continuous improvement.

If the README doesn’t specify exact risk levels, infer them based on the scanner’s purpose and impact.

Example Findings:

  1. A suspicious link “http://example.com/login” was detected in an SMS message content, which could be a smishing attempt.
  2. A messaging app user received a deceptive message asking for personal information, indicating potential phishing activity targeting the platform’s users.

Phishing Resilience

Section titled “Phishing Resilience”

Purpose: The Phishing Resilience Scanner is designed to detect and analyze email phishing, spear phishing, and whaling attempts by examining DNS records, HTTP security headers, TLS/SSL configurations, and network port usage. This tool helps organizations identify vulnerabilities that could be exploited in targeted attacks, enhancing their resilience against phishing threats.

What It Detects:

  • DNS Record Analysis:
    • SPF Records: Checks for SPF records that allow all senders (v=spf1.*[+\-~?]all).
    • DMARC Records: Verifies DMARC policies (v=DMARC1.*p=(none|quarantine|reject)).
    • DKIM Records: Ensures DKIM is implemented (v=DKIM1).
  • HTTP Security Headers:
    • Strict Transport Security (HSTS): Ensures HSTS is enabled.
    • Content Security Policy (CSP): Checks for CSP headers to prevent XSS and data injection attacks.
    • X-Frame-Options: Verifies XFO headers to protect against clickjacking.
    • X-Content-Type-Options: Ensures content type sniffing is disabled.
  • TLS/SSL Inspection:
    • TLS Versions: Detects outdated TLS versions (e.g., TLSv1\.0, TLSv1\.1).
    • Cipher Suites: Identifies weak cipher suites (RC4, DES, MD5).
  • Port Scanning and Service Fingerprinting:
    • Open Ports: Scans for open ports that could be exploited.
    • Service Identification: Fingerprint services running on identified ports.
  • Email Pattern Matching: Matches provided email patterns against known phishing indicators.

Inputs Required:

  • domain (string): Primary domain to analyze (e.g., acme.com).
  • email_pattern (string): Email pattern to match against known phishing indicators.

Business Impact: This scanner is crucial for organizations as it helps in identifying potential vulnerabilities that could be exploited through email phishing, spear phishing, and whaling attempts. By detecting weak DNS records, insecure HTTP headers, outdated TLS/SSL configurations, and open ports, the organization can take proactive measures to secure their systems against targeted attacks, thereby mitigating significant security risks.

Risk Levels:

  • Critical: Conditions that directly lead to a complete compromise of system functionality or availability, such as allowing all senders in SPF records or having no DMARC policy.
  • High: Conditions that pose a high risk but do not necessarily lead to immediate system failure, such as enabling outdated TLS versions or using weak cipher suites.
  • Medium: Conditions that indicate potential vulnerabilities but may require further investigation before taking action, such as missing CSP headers.
  • Low: Informative findings that suggest improvements but currently do not pose a significant risk, such as the absence of XFO headers for protection against clickjacking.
  • Info: General information about the domain and its configurations, which does not directly affect security but provides baseline insights.

Example Findings:

  1. A detected SPF record allowing all senders (v=spf1.*[+\-~?]all) indicates a critical issue as it can be easily spoofed to bypass email authentication checks.
  2. Insecure HTTP headers, such as missing CSP or XFO policies, pose high risks by not protecting against common web attacks like cross-site scripting (XSS) and clickjacking.

Physical Social Engineering

Section titled “Physical Social Engineering”

Purpose: The Physical Social Engineering Scanner is designed to identify common physical social engineering tactics such as tailgating, impersonation, and dumpster diving by analyzing company security documentation, public policy pages, trust center information, and compliance certifications. This tool helps in identifying vulnerabilities in physical security measures that could be exploited by attackers.

What It Detects:

  • Tailgating Vulnerabilities: Identifies gaps in visitor access control policies, inadequate monitoring of entry points, and lack of training on recognizing tailgating attempts.
  • Impersonation Risks: Evaluates employee identification and verification procedures, assesses the presence of badge or ID requirements, and looks for protocols to handle suspicious individuals.
  • Dumpster Diving Susceptibility: Reviews waste management policies for sensitive information disposal, checks for secure shredding practices, and identifies potential exposure of confidential documents.
  • Compliance with Security Standards: Searches for SOC 2, ISO 27001, and other relevant compliance certifications, evaluates penetration test and vulnerability assessment documentation, and ensures adherence to best practices in physical security.
  • Policy Indicators: Looks for mentions of security policy, incident response, data protection, and access control. Verifies the presence and accessibility of comprehensive security guidelines.

Inputs Required:

  • domain (string): Primary domain to analyze (e.g., acme.com)
  • company_name (string): Company name for statement searching (e.g., “Acme Corporation”)

Business Impact: This scanner is crucial as physical social engineering attacks can lead to unauthorized access, data breaches, and significant damage to a company’s reputation and security posture. It helps in strengthening the organization’s defenses against such sophisticated yet plausible threats.

Risk Levels:

  • Critical: Conditions that directly lead to critical vulnerabilities in physical security measures or immediate exposure of sensitive information.
  • High: Conditions that pose significant risks to the integrity and confidentiality of data, requiring immediate attention to enhance security practices.
  • Medium: Conditions that indicate potential weaknesses needing improvement but not as urgent as high-risk issues.
  • Low: Informative findings suggesting minor vulnerabilities or areas for best practice enhancement.
  • Info: Non-critical observations providing general insights into the company’s physical security posture without immediate action required.

Example Findings:

  1. The company lacks a comprehensive visitor management policy, which could facilitate tailgating attacks.
  2. Employee impersonation risks are high due to inadequate verification processes and lack of suspicious behavior protocols.

Vishing Assessment

Section titled “Vishing Assessment”

Purpose: The Vishing Assessment Scanner is designed to identify and assess vulnerabilities in voice phishing (vishing) and call center attack strategies by analyzing company security documentation, public policy pages, trust center information, and compliance certifications. This tool aims to help organizations enhance their security posture against increasingly sophisticated vishing attacks.

What It Detects:

  • Security Policy Indicators: The scanner identifies the presence of comprehensive security policies that address voice phishing risks.
  • Maturity Indicators: It evaluates compliance with SOC 2 standards and ISO 27001 certification, as well as regular penetration testing activities and vulnerability scanning practices.
  • Voice Phishing Vulnerabilities: The tool detects gaps in employee training related to recognizing vishing attempts, inadequate monitoring of incoming calls, insufficient verification processes during phone transactions, and the absence of multi-factor authentication for critical operations.
  • Call Center Security Practices: It reviews call center protocols for handling sensitive information, assesses the use of secure communication channels, identifies weaknesses in caller verification procedures, and checks for regular security audits of call center operations.
  • Publicly Available Information: The scanner analyzes public policy pages to identify mentions of vishing risks, scrapes trust center information for details on managing voice threats, and evaluates compliance certifications relevant to voice communication security.

Inputs Required:

  • domain (string): Primary domain to analyze (e.g., acme.com)
  • company_name (string): Company name for statement searching (e.g., “Acme Corporation”)

Business Impact: This scanner is crucial as voice phishing attacks pose a significant threat to organizations, potentially leading to financial loss, reputational damage, and legal repercussions. By identifying vulnerabilities early, organizations can implement proactive measures to mitigate these risks.

Risk Levels:

  • Critical: Findings that directly compromise security policies or fail to meet essential standards without mitigation.
  • High: Significant gaps in security practices that could be exploited by attackers.
  • Medium: Minor deficiencies that may require improvement but do not pose immediate threat.
  • Low: Informalities that are generally acceptable but still warrant attention for continuous enhancement.
  • Info: Non-critical findings providing supplementary information useful for awareness and training.

If specific risk levels are not detailed in the README, they have been inferred based on the severity of potential vulnerabilities identified by the scanner.

Example Findings:

  1. The company’s security policy lacks explicit mention of handling voice-based threats, posing a high risk for vishing attacks.
  2. The call center does not enforce multi-factor authentication for all transactions, which is considered a critical vulnerability in safeguarding sensitive information.