We have reported an issue to you

This page is designed to help you understand who we are and why we have contacted you regarding a security vulnerability. You may still have questions after reading, but we hope it answers the basics and minimises any panic or confusion. 

The basics

We are an ethical cyber security consultancy, based in South Yorkshire, United Kingdom. Our address and contact details can be found on the 'contact us' page on this website. Our company aim is to To reduce victims of cyber-enabled crime, focussing on a reduction of malicious social engineering attacks. More details about our company can be found under the 'about us' page on this website.

WE never demand money

Our business is funded by traditional consultancy and paid services, we work with companies testing their physical and online security and provide training and education. If we have reported an issue to you, we have done so because our business believes it's the right thing to do - we are not trying to pitch for paid work either. All we ask is you formally acknowledge receipt of our report, this means we spend less time reporting issues and more time finding them.

Working within the law

Ethics and the law are ingrained in our company ethos, our principal consultant assists with police to help train officers in the fight against cybercrime. We understand the computer misuse act and would never break the law to identify an error on your systems. Our company believes that security issues can fuel criminal activity and reporting issues minimises this. We have unique ways to detect security errors, this normally means we have not had direct contact with your IT systems.

Fix first attitude

We keep security issues confidential as you fix them. If you would like to discuss the issue further we welcome a mutual non-disclosure agreement. An MNDA can provide the foundations to discuss the issue in greater depth. It is likely we can offer advice on the security issue we have reported, we will happily share 30 minutes for free. Our intention is to guide you to fix the issue.

What Now?

You have no obligation to speak to us about the issue further, once receipt of the security issue has been acknowledged by you we are happy to leave this to your organisation to fix. We commonly blog about the security research work we do, often this is to educate other people about the risks we have identified.

Ernst & Young

The issue regarding incorrect DNS configuration has now been fixed. Thank you for bringing this to our attention, we look forward to future collaboration. - EY


TUI Group

When a stranger from the Anti-Social Engineer urgently tried to contact us, we found a good friend we never knew we had. - TUI


Thank you for bringing this issue to our attention. You will be listed in our Hall of Fame. Thanks again. - Twitter

Our Leading Solutions

Extensive Social Engineering, External Penetration and Web Application Assessments - exposing human and technical weaknesses.

AntiPhish Phishing Prevention combines educational phishing campaigns with a realistic experience.

AntiSocial Blacklist identifies if domains are likely to be used for social engineering – before an attack.

A combination of exciting learning methods that are tailored to your organisation - resulting in true security awareness.

Trusted By

Lets Get Social

Follow Us On Twitter

Connect On Linkedin

Like Us On Facebook

Receive our newsletters


Receive our newsletters

    By ticking this box you acknowledge you have read and understood The AntiSocial Engineer's Privacy Policy and you consent to the processing of your personal data for marketing purposes. You can unsubscribe from our newsletter at any time using the link at the end of each newsletter.