Skip to main content
Inc. UpdatesProtect YourselfSE

One Phish, Two Phish, Red Phish, Blue Phish

By April 6, 2015No Comments

Phishing Dark Waters: The Offensive and Defensive Sides of Malicious Emails is out today.

What is a phishing attack?  Phishing is a social engineering technique and we define it as the practice of sending emails that appear to be from reputable sources with the goal of influencing or gaining personal information.

PhishingDarkWaters

How do you know if you’ve come across a phishing attack? Is there a way to determine if an email is legitimate or not without clicking?  The answers are all inside the latest book from social engineering experts Chris Hadnagy and Michele Fincher. From the private user who wants online protection to the team in charge of an enterprise information security awareness program, the book provides actionable defensive techniques and tools to help readers and organizations steer clear of malicious phishing emails.

What if I already know what phishing is? Can I still learn from this book?  The answer is yes.  Phishing Dark Waters provides insight into the financial, corporate espionage, nation-state, and identity-theft goals of attackers.  Readers will benefit from the comprehensive analysis of high-profile breaches at some of the world’s most well-known organizations.

Fincher and Hadnagy also provide useful insight for both organizations and individuals by exploring the underlying psychology behind phishers and how they use influence and manipulation to launch effective attacks. Readers will walk away with a firm understanding of the basics of identifying suspicious emails, all the way to how to design a program that leverages the phisher’s own weapons against him to protect assets.

I already have an anti-phishing technology in place… should I read Phishing Dark Waters?  Again, the answer is yes! Fincher and Hadnagy share their 30+ years of combined experience to provide a comparison of top phishing tools and examine reasons why most security-awareness programs do not work.  Phishing Dark Waters provides tips for creating a corporate phishing program integrated into organizational policies, that works.

Phishing Dark Waters: The Offensive and Defensive Sides of Malicious Emails is available today on Amazon. Get your copy and arm yourself with the knowledge to defend against prevalent phishing attacks.

 

Tags:

Leave a Reply

Security Assessment Case Study
Learn more about the importance of a Social Engineering Risk Assessment.
Download Now
Security Assessment Case Study
Learn more about the importance of a Social Engineering Risk Assessment.
Download Now
What Makes Us Different
At Social-Engineer, we pride ourselves on what we do and how we do it. We are a security services provider, focusing on four primary attack vectors. This case study will go through how we can protect your company and what makes us different.
Download Now
What Makes Us Different
At Social-Engineer, we pride ourselves on what we do and how we do it. We are a security services provider, focusing on four primary attack vectors. This case study will go through how we can protect your company and what makes us different.
Download Now
Woman vs Machine
Technology is providing new, more innovative ways to enhance our world. Scientists are constantly developing smarter, faster and more intelligent machines, systems and robots. There is no doubt that each of these has evolved beyond their clockwork origins.
Download Now
Woman vs Machine
Technology is providing new, more innovative ways to enhance our world. Scientists are constantly developing smarter, faster and more intelligent machines, systems and robots. There is no doubt that each of these has evolved beyond their clockwork origins.
Download Now
Vishing and Phishing Must Be Ongoing to Be Effective
Most companies have a security awareness program in one form or another. If they don’t, it should be on the short list of programs to start as soon as possible. In our experience, many of these programs take the form of computer-based training.
Download Now
Vishing and Phishing Must Be Ongoing to Be Effective
Most companies have a security awareness program in one form or another. If they don’t, it should be on the short list of programs to start as soon as possible. In our experience, many of these programs take the form of computer-based training.
Download Now
A Case Study in Vishing
Vishing (voice-based phishing) has been a problem for quite a long time. There are many vendors in the marketplace that offer vishing services. However they tend to use robo-callers or call centers for large volume engagements. If they are using trained humans to make calls, it is likely in very low numbers.
Download Now
A Case Study in Vishing
Vishing (voice-based phishing) has been a problem for quite a long time. There are many vendors in the marketplace that offer vishing services. However they tend to use robo-callers or call centers for large volume engagements. If they are using trained humans to make calls, it is likely in very low numbers.
Download Now
Benefits of a Social-Engineering Risk Assessment Engagement
Your company is important. Indeed, the data you hold for your clients or employees is very valuable and attackers seek to capitalize on that data any way they can. This is where a Social Engineering Risk Assessment (SERA) engagement can help uncover possible vulnerability to attackers.
Download Now
Benefits of a Social-Engineering Risk Assessment Engagement
Your company is important. Indeed, the data you hold for your clients or employees is very valuable and attackers seek to capitalize on that data any way they can. This is where a Social Engineering Risk Assessment (SERA) engagement can help uncover possible vulnerability to attackers.
Download Now
The Business Value of the Social-Engineer Phishing Service
Cybercriminals are targeting the human element of organizations. Additionally, they are developing techniques to use an organization’s employees as the first point of entry. According to the 2021 Verizon DBIR report, of the 3,841 security breaches reported using social engineering, phishing was the key vector for over 80% of them.
Download Now
The Business Value of the Social-Engineer Phishing Service
Cybercriminals are targeting the human element of organizations. Additionally, they are developing techniques to use an organization’s employees as the first point of entry. According to the 2021 Verizon DBIR report, of the 3,841 security breaches reported using social engineering, phishing was the key vector for over 80% of them.
Download Now