Social engineering

Assess the ability of your organisation’s systems and personnel to detect and respond to targeted email phishing attacks with AXO social engineering service.

Talk with Expert
three workers focusing on monitor while one guy explaining
Identify risks posed

Understand how susceptible your employees are to falling foul of social engineering attacks.

Understand your digital footprint

Gain visibility of the information that an attacker could gather about your business from intelligence freely available in the public domain.

Challenge defenses

Challenge your organisation’s cyber security controls, such as firewall rules, to ensure they are effective at identifying and blocking social engineering attacks.

Raise cyber awareness

Improve employee cyber security awareness by using a simulated social engineering attack to highlight good and bad practices.

AXO comprehensive phishing services

Our team is dedicated to delivering end-to-end IT transformation. It starts by fully understanding your business requirements, application needs and the technology that makes them work together.


Phishing is one of the most common attack vectors used by cybercriminals. By creating emails that imitate those of trusted individuals and organizations, fraudsters seek to lure users into clicking links or attachments that install keystroke logging malware, or divulge personal information such as passwords.

AXO phishing simulation service assesses your employees awareness of phishing email scams.


Spear phishing is a highly targeted phishing attack designed to compromise a specific individual, usually a system administrator or high authority individual. AXO spear phishing service tests the susceptibility of an agreed target to reveal confidential information.

Business email compromise

A Business Email Compromise (BEC) is a type of phishing attack involving the impersonation of a senior executive. Its aim is to trick an employee, customer or vendor into wiring payment for goods or services to an alternate bank account.

AXO social engineering service can be used to simulate a Business Email Compromise attack, and test awareness of other fraudulent practices such as mandate fraud and distribution fraud.

Social engineering penetration testing

Social engineering is an attack vector commonly used by AXO certified ethical hackers as part of a wider cyber security assessment. Learn more about our complimentary range of cyber security testing services

Our approach to social engineering tests

AXO approach to social engineering mirrors the latest tactics, techniques and procedures (TTPs) used by fraudsters. A typical anti-phishing assessment involves:



By using open-source intelligence gathering techniques (OSINT), our team of ethical hackers seek to identify valuable company and employee information that could be used to improve the success of the intended simulated social engineering assessment.



Using all aggregated intelligence and their knowledge of the latest TTPs, our experts carefully prepare your phishing test to ensure that it is as authentic as possible and stands the best chance of achieving a pre-agreed objective.



We execute the phishing test and, if part of the scope of the assessment, spoof any compromised users in order to escalate network privileges and make fraudulent requests, such as those common in distribution fraud and BEC attacks.


Reporting and debrief

Upon completion of the social engineering operation, we document its results and provide recommendations to help address any identified risks and improve security awareness training programmes.

AXO black box and white box testing methods

AXO social engineering services can be aligned to both black box and white box testing methods.

man working with laptop

Black-box testing

Under a black box social engineering simulation, AXO’s ethical hackers have no prior knowledge of your organisation’s environment. Reconnaissance is conducted to identify intelligence about employees and security controls in place.

White-box testing

A white box approach is used in instances where phishing testing targets specific employees using pre-supplied email addresses.

two man discussing holding smartphone
AXO Technologies Sdn Bhd (1276407-U) is an innovative and thoughtful IT consulting firm based in Selangor, Malaysia. We help organizations solve their IT challenges by leveraging technology in their business process.

With our certified professional team, we strive to provide a better understanding and relationship with our customers.
+603 7622
AXO primary logo in white
Privacy Policy
linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram