Phishing Dark Waters : The Offensive and Defensive Sides of Malicious Emails
Phishing Dark Waters : The Offensive and Defensive Sides of Malicious Emails
Click to enlarge
Author(s): Hadnagy, Christopher
ISBN No.: 9781119183624
Pages: 224
Year: 201512
Format: E-Book
Price: $ 56.60
Status: Out Of Print

Foreword xxiii Introduction xxvii Chapter 1 An Introduction to the Wild World of Phishing 1 Phishing 101 2 How People Phish 4 Examples 7 High-Profi le Breaches 7 Phish in Their Natural Habitat 10 Phish with Bigger Teeth 22 Spear Phishing 27 Summary 29 Chapter 2 The Psychological Principles of Decision-Making 33 Decision-Making: Small Bits 34 Cognitive Bias 35 Physiological States 37 External Factors 38 The Bottom Line About Decision-Making 39 It Seemed Like a Good Idea at the Time 40 How Phishers Bait the Hook 41 Introducing the Amygdala 44 The Guild of Hijacked Amygdalas 45 Putting a Leash on the Amygdala 48 Wash, Rinse, Repeat 49 Summary 50 Chapter 3 Influence and Manipulation 53 Why the Difference Matters to Us 55 How Do I Tell the Difference? 56 How Will We Build Rapport with Our Targets? 56 How Will Our Targets Feel After They Discover They''ve Been Tested? 56 What Is Our Intent? 57 But the Bad Guys Will Use Manipulation . 57 Lies, All Lies 58 P Is for Punishment 59 Principles of Influence 61 Reciprocity 61 Obligation 62 Concession 63 Scarcity 63 Authority 64 Consistency and Commitment 65 Liking 66 Social Proof 67 More Fun with Influence 67 Our Social Nature 67 Physiological Response 68 Psychological Response 69 Things to Know About Manipulation 70 Summary 71 Chapter 4 Lessons in Protection 75 Lesson One: Critical Thinking 76 How Can Attackers Bypass This Method? 77 Lesson Two: Learn to Hover 77 What If I Already Clicked the Link and I Think It''s Dangerous? 80 How Can Attackers Bypass This Method? 81 Lesson Three: URL Deciphering 82 How Can Attackers Bypass This Method? 85 Lesson Four: Analyzing E-mail Headers 85 How Can Attackers Bypass This Method? 90 Lesson Five: Sandboxing 90 How Can Attackers Bypass This Method? 91 The "Wall of Sheep," or a Net of Bad Ideas 92 Copy and Paste Your Troubles Away 92 Sharing Is Caring 93 My Mobile Is Secure 94 A Good Antivirus Program Will Save You 94 Summary 95 Chapter 5 Plan Your Phishing Trip: Creating the Enterprise Phishing Program 97 The Basic Recipe 99 Why? 99 What''s the Theme? 102 The Big, Fat, Not-So-Legal Section 105 Developing the Program 107 Setting a Baseline 108 Setting the Difficulty Level 109 Writing the Phish 121 Tracking and Statistics 122 Reporting 125 Phish, Educate, Repeat 127 Summary 128 Chapter 6 The Good, the Bad, and the Ugly: Policies and More 131 Oh, the Feels: Emotion and Policies 132 The Definition 132 The Bad 133 Making It "Good" 133 The Boss Is Exempt 133 The Definition 134 The Bad 134 Making It "Good" 134 I''ll Just Patch One of the Holes 135 The Definition 135 The Bad 136 Making It "Good" 136 Phish Just Enough to Hate It 136 The Definition 137 The Bad 137 Making It "Good" 138 If You Spot a Phish, Call This Number 138 The Definition 139 The Bad 139 Making It "Good" 140 The Bad Guys Take Mondays Off 140 The Definition 141 The Bad 141 Making It "Good" 141 If You Can''t See It, You Are Safe 142 The Definition 142 The Bad 143 Making It "Good" 143 The Lesson for Us All 143 Summary 144 Chapter 7 The Professional Phisher''s Tackle Bag 147 Commercial Applications 149 Rapid7 Metasploit Pro 149 ThreatSim 152 PhishMe 158 Wombat PhishGuru 161 PhishLine 165 Open Source Applications 168 SET: Social-Engineer Toolkit 168 Phishing Frenzy 171 Comparison Chart 174 Managed or Not 176 Summary 177 Chapter 8 Phish Like a Boss 179 Phishing the Deep End 180 Understand What You''re Dealing With 180 Set Realistic Goals for Your Organization 182 Plan Your Program 183 Understand the Stats 183 Respond Appropriately 184 Make the Choice: Build Inside or Outside 186 Summary 187 Index 189.


To be able to view the table of contents for this publication then please subscribe by clicking the button below...
To be able to view the full description for this publication then please subscribe by clicking the button below...