Social Engineering Drill

We simulate hacker phishing emails to test employees' information security risk awareness, and organize information security awareness and training sessions to avoid relevant risks caused by inappropriate email behavior.

Email is a major channel of external communication for companies, but it can also be an entry point for hackers to penetrate a company. Hackers use phishing emails that employees may be interested in to entice them into clicking in order to steal their accounts or passwords or hack into their computers, resulting in data leakage and property loss for companies.

ISSDU's Social Engineering Drill Service can customize email templates according to customer needs in line with the latest phishing trends. By conducting employee social engineering alertness tests based on the email accounts provided by the customer, we can test the users' level of alertness for email social engineering attacks and knowledge in information security protection according to the organization's information security policy and regulations using a back-end statistical system. After testing, we provide a complete exercise report and can assist in arranging information security awareness sessions or give advice on further handling measures, ensuring correct information security practices by personnel and helping them build an overall understanding of information security protection.

Conduct Regular Social Engineering Drills to Prevent Employees from Falling for Phishing Emails

Social Engineering Drill's Service Advantages and Benefits

Testing by Professional Teams

Our professional testing team, with rich experience in exercise services, helps customers complete simulation exercises in a secure environment. Our customers cover the financial industry, government sector, technology industry, manufacturing industry, etc.

Comprehensive Behavioral Statistics

We provide better than industry statistical reports, including three different ways to calculate trigger rates individually, namely based on the emails opened, links opened, and attachments opened. We can also present information on trigger time, trigger behavior, and trigger devices in the reports

Realistic Exercise Templates

We offer customized phishing email templates in line with the latest phishing trends as well as domains similar to legitimate company domains to achieve realistic phishing email attacks, truly assessing employees' email behaviors

Professional Reports and Consulting Services

We can assist customers in identifying departments or personnel with lower awareness of information security in their companies and provide them with training. Statistical reports can also show the types of emails that employees may easily fall for. Customers can conduct exercises based on the reports annually to ensure increased awareness of information security for employees.

Social Engineering Drill Process


Confirm Customer Environment

Confirm the division and scope of responsibilities for the departments within the organization under test according to its information security policies, regulations or rules, and plan the test schedule accordingly.


Provide a List of Email Accounts

Receive a list of email accounts to be tested from the customer and help set up the SPAM system to avoid blocking test emails.


Produce Email Templates

Customize email templates for the social engineering exercise based on discussions and needs.


Send Test Emails and Provide Reports and Advice

Send test emails to check if employees are sufficiently alert to email social engineering attacks, provide statistical response records and complete reports, and arrange follow-up training and information security awareness sessions.

ISSDU Provides You with Services that Fit Your Industry and Needs

We offer customized information security testing services