
Phishing and Countermeasures: Understanding the Increasing Problem of Electronic Identity Theft Hardcover – December 15, 2006

ISBN-13: 978-0071475549 ISBN-10: 0471782459 Edition: 1st

Editorial Reviews


"…I highly recommend this as a must-read book in the collection of phishing literature." (Computing, September 13, 2007)

"…may be used as a textbook or a comprehensive reference for individuals involved with Internet security…" (CHOICE, July 2007)

From the Back Cover

"This book is the encyclopedia of phishing. It provides views from the payment, human, and technical perspectives. The material is remarkably readable—each chapter is contributed by an expert on that topic, but none require specialized background on the part of the reader. The text will be useful for any professional who seeks to understand phishing."
—Directors of the International Financial Cryptography Association (IFCA)

Phishing attacks, or the practice of deceiving people into revealing sensitive data on a computer system, continue to mount. Here is the information you need to understand how phishing works, how to detect it, and how to prevent it.

Phishing and Countermeasures begins with a technical introduction to the problem, setting forth the tools and techniques that phishers use, along with current security technology and countermeasures that are used to thwart them. Readers are not only introduced to current techniques of phishing, but also to emerging and future threats and the countermeasures that will be needed to stop them. The potential and limitations of all countermeasures presented in the text are explored in detail. In spite of the fact that phishing attacks constantly evolve, much of the material in this book will remain valid, given that the book covers the general principles as much as actual instances of phishing.

While delving into a myriad of countermeasures and defense strategies, the authors also focus on the role of the user in preventing phishing attacks. The authors assert that countermeasures often fail not for technical reasons, but rather because users are unable or unwilling to use them. In response, the authors present a number of countermeasures that are simple for users to implement, or that can be activated without a user's direct participation. Moreover, the authors propose strategies for educating users. The text concludes with a discussion of how researchers and security professionals can ethically and legally perform phishing experiments to test the effectiveness of their defense strategies against the strength of current and future attacks.

Each chapter of the book features an extensive bibliography to help readers explore individual topics in greater depth. With phishing becoming an ever-growing threat, the strategies presented in this text are vital for technical managers, engineers, and security professionals tasked with protecting users from unwittingly giving out sensitive data. It is also recommended as a textbook for students in computer science and informatics.



Product Details

  • Hardcover: 736 pages
  • Publisher: Wiley-Interscience; 1 edition (December 15, 2006)
  • Language: English
  • ISBN-10: 0471782459
  • ISBN-13: 978-0071475549
  • Product Dimensions: 6.5 x 1.3 x 9.5 inches
  • Shipping Weight: 2.5 pounds
  • Average Customer Review: 4.3 out of 5 stars (3 customer reviews)
  • Amazon Best Sellers Rank: #2,432,010 in Books


Most Helpful Customer Reviews

Format: Hardcover Verified Purchase
Phishing is a dangerous phenomenon. But only in recent years has it become common. Another way of seeing this is to note that this book is only the third devoted to phishing. The first two were published in 2005. (Whereas generic spam was already sufficiently a problem in 1998 that a book appeared then, with some primitive antispam methods.) Jakobsson and Myers have assembled a formidable set of articles that define phishing, its dangers and countermeasures. The text explains why phishing stands separate from spam. In part because it is always fraudulent, whereas some spam actually offers real goods and services.

Concerning dangers, Jakobsson and others describe experiments where they sent simulated phishing messages to university students. Response rates were disturbingly high. This from an educated group! The book also cites other studies which reveal that phishing messages and their websites can be very professionally done, and can sometimes fool even experts.

However, the countermeasures described in the book have severe disadvantages, some of which, though not all, are described in the text.

Consider making a blacklist of known phishing sites. This might be done at some central website. With a browser toolbar distributed to users, so that when a user goes to some URL, the toolbar checks the domain against the blacklist, which it gets from the central site. But phishing tests the very concept of a blacklist to destruction. Phishers can subvert many computers, scattered across the Internet, to act as fake websites. So identifying one of these as a phishing site has little efficacy.

Plus a blacklist is inherently reactive. How is a website classified as phishing? Often, if not invariably, by manual scrutiny.
3 of 7 people found the following review helpful By Zulfikar Ramzan on November 6, 2007
Format: Hardcover
Phishing and Countermeasures is the best (and only!) extensive resource on phishing for researchers that I'm aware of. The book not only applies to technical security researchers, but also to those interested in researching phishing from other vantages -- such as the social, legal, or policy-oriented implications. Also, the book does an excellent job of considering more cutting-edge trends, such as the impact of additional social context in phishing attacks. This book absolutely belongs on the desk of anyone with serious interests in both understanding and combating phishing.
5 of 12 people found the following review helpful By S. Stamm on February 13, 2007
Format: Hardcover
"Phishing and Countermeasures" (P&C) does an excellent job of summing-up the state of Phishing attacks and research. It describes--in depth--technical attacks and countermeasures to the attacks, presenting both points of view in an extremely complex problem.

Phishing is not a simple technical or social exploit, it is a process. P&C breaks the process down into little bits, describing in depth how each portion accomplishes its goals. They show technical and social techniques used by Phishers, and then delve into theoretical extensions of phishing attacks, including context-aware attacks (spear phishing) and other advanced data gathering techniques (browser history snooping, acoustic keyboard monitoring, etc). They make it obvious to a reader that Phishing is not a simple problem, and also that it is not yet fully understood.

The sheer volume of countermeasures, coupled with the fact that I get new phishing emails daily, simply backs up the book's claim on Phishing's complexity. There is no one technical solution to Phishing attacks, there are LOTS of them, and this book provides an encyclopedic view of the myriad technical countermeasures, complete with analysis of what the countermeasures can and cannot accomplish.

Aside from looking at technical and human-oriented design countermeasures, P&C presents a legal and ethical look at understanding Phishing. Usually lacking from texts like this, coverage of legal and ethical issues rounds the book out nicely.

Do not read this book if you expect to learn how to completely stop Phishing attacks. Phishing is not a solved problem, so the solutions presented within are helpful measures only -- they make it harder for Phishers to succeed.
