The Offensive and Defensive Sides of Malicious Emails
By Christopher Hadnagy, Michele Fincher
Final Release Date: March 2015
Learn to catch a phish without becoming live bait.
Phishing e-mails create daily havoc for both individuals and organizations. A social engineering technique that preys on our human nature, phishing remains remarkably successful for scammers and malicious social engineers despite increasingly sophisticated security programs and awareness campaigns. Christopher Hadnagy and Michele Fincher, practitioners and consultants in human-based security, have spent years working to understand how and why phishing works. In this book, they dissect what a phish is, why it succeeds, and the principles behind it, fully exposing all of its flaws and detailing innovative ways to defend against it.
Focusing on the basics of the phish, the underlying psychology, the skillful use of influence, and a creative program to use the phisher's weapons against him, this highly readable guide provides tools for both individuals and corporations. Hadnagy and Fincher examine some of the most current and effective phish, show you how to spot a spoofed e-mail or cloned website, explore phishing education platforms that work, and demonstrate how to create your own phish to use in your security awareness program.
Despite legislation, user training, public awareness, and technical security, phishing persists because it exploits our natural responses to e-mail requests. Phishing Dark Waters, The Offensive and Defensive Sides of Malicious E-mails arms you with a greater understanding of:
The psychological principles that make phishing effective
High-profile breaches, including Target, RSA, and Coca-Cola, that began with a phish
Common scams, including those following natural disasters and other highly publicized events
Different goals of attackers: financial, corporate espionage, national security, and identity theft threats
How to protect your enterprise with a corporate phishing program and integrate it into company policies