Qty:1
  • List Price: $54.95
  • Save: $0.51 (1%)
Only 2 left in stock (more on the way).
Ships from and sold by Amazon.com.
Gift-wrap available.
Phishing Exposed has been added to your Cart
Condition: Used: Good
Comment: Good condition, some cover wear, no writing or highlights. Fast shipping and tracking provided with every order.
Have one to sell? Sell on Amazon
Flip to back Flip to front
Listen Playing... Paused   You're listening to a sample of the Audible audio edition.
Learn more
See this image

Phishing Exposed Paperback – January 20, 2006


See all 2 formats and editions Hide other formats and editions
Amazon Price New from Used from
Kindle
"Please retry"
Rent from
$10.63
Paperback
"Please retry"
$54.44
$27.96 $0.66

Best Books of the Month
See the Best Books of the Month
Want to know our Editors' picks for the best books of the month? Browse Best Books of the Month, featuring our favorite new books in more than a dozen categories.
$54.44 FREE Shipping. Only 2 left in stock (more on the way). Ships from and sold by Amazon.com. Gift-wrap available.

Frequently Bought Together

Phishing Exposed + Inside the SPAM Cartel: By Spammer-X
Price for both: $97.14

Buy the selected items together
NO_CONTENT_IN_FEATURE
Image
Looking for the Audiobook Edition?
Tell us that you'd like this title to be produced as an audiobook, and we'll alert our colleagues at Audible.com. If you are the author or rights holder, let Audible help you produce the audiobook: Learn more at ACX.com.

Product Details

  • Paperback: 450 pages
  • Publisher: Syngress; 1 edition (January 20, 2006)
  • Language: English
  • ISBN-10: 159749030X
  • ISBN-13: 978-1597490306
  • Product Dimensions: 7 x 1.1 x 8.9 inches
  • Shipping Weight: 1.3 pounds (View shipping rates and policies)
  • Average Customer Review: 4.3 out of 5 stars  See all reviews (11 customer reviews)
  • Amazon Best Sellers Rank: #2,018,750 in Books (See Top 100 in Books)

More About the Author

Lance James is an American computer scientist, considered an expert on computer security techniques such as anti-phishing. He has been quoted on the subject in multiple media outlets, including CBC, CNN, the BBC, the David Lawrence Show, ZDNet, Wired News, CSO, USA Today, Fox News, and the Washington Post.

He was born in 1978 in Wenatchee, Washington. His father was a Marine, and his mother was a diplomat working in the Canadian foreign service. His maternal grandfather Eric Maughan, is notable for being a centenarian, having turned 100 on August 31, 2005.

Because of his father's career, the family moved often, and James attended multiple high schools, from North Carolina to Burnaby North Secondary School, in Burnaby, British Columbia (the same school from which Michael J. Fox graduated), and Mount Vernon High School in Mount Vernon, Washington, from where he graduated. His first career was as a musician. He studied violin under Sherry Kloss, and then played jazz flamenco music in various locations in San Diego, with the band "Gatos Papacitos," playing violin and occasionally keyboards. At one point he was managed by Marcus Breaux ("Chance Styles"), until Breaux's untimely death.

In October 2001, James founded invisiblenet.net, a distributed cryptographic framework for the internet for anonymity and privacy.

In 2003, James founded "Secure Science Corporation", where he is currently CTO. SSC provides intelligence-based services and products for computer forensics and anti-phishing applications, providing intelligence to major financial institutions and government agencies.

James has been a keynote speaker at Secret Service Electronic Crimes Task Force meetings, and several major universities, including the University of Wisconsin-Madison's "Takedown" conference, in 2005, Rochester Institute of Technology, University of California San Diego, San Diego State University, and Cal State Poly. He also speaks to several law enforcement, regulatory, and intelligence agencies, the Pentagon, Anti-Phishing Working Group, Digital-Phishnet, UNAM-CERT, HTCIA Hong Kong, SANS, BIT, and testifies as an expert witness in U.S. Congressional Hearings.

James was married in 2002, and lives with his wife and children in San Diego.

Customer Reviews

4.3 out of 5 stars
Share your thoughts with other customers

Most Helpful Customer Reviews

5 of 5 people found the following review helpful By Richard Bejtlich on March 10, 2006
Format: Paperback
Phishing Exposed is a powerful analysis of the many severe problems present in Web-based activities. Phishing Exposed is another threat-centric title from Syngress. The book presents research conducted by Secure Science Corporation as a way to understand the adversary. The author demonstrates his own attacks against multiple popular e-commerce sites as a way to show how phishers accomplish their goals. I was surprised by the extent to which the author could repeatedly abuse high-profile financial sites, and for that reason I highly recommend reading Phishing Exposed.

The book begins with an overview of the phishing problem. Three basic phishing techniques (impersonation, forwarding, and popup) are explained. The mechanics of email and HTTP are also described. The heart of the book appears in chapters 4 and 5, where almost 270 pages are devoted to the author's assessment and abuse of banking sites. I was shocked by the author's ability to repeatedly take advantage of vulnerabilities in client and server software and configuration. These chapters made me wonder if it is possible for an average end user -- or even a skilled technical user -- running popular operating systems and browsers to survive these sorts of high-end attacks.

Ch 6 featured some innovative material on subverting caller ID by using Voice over IP and other methods. I also appreciated the historical perspective in that chapter.

My only real concern is that the author devoted lots of material to his own attacks, and not as much to attacks by real phishers. I would have liked additional details on how to detect and potentially defeat these attacks using network-based and proxy-based means.
Read more ›
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
6 of 8 people found the following review helpful By N. Kapitanski on November 21, 2005
Format: Paperback
This is a great book! The author really knows what he's talking about and the ideas he presents give a great indication as to where phishing is going in the future. The exploits detailed in the book are technical, educating and even down right genius, such as the Yahoo Cross Site Scripting attack. The author does a good job of explaining things to non technical people, before getting in depth and extremely technical.

The book does a great job of covering a wide range of topics related to phishing so the reader understands the phishing process as a whole. Even Caller ID spoofing and anonymous telephony is included in Chapter 6, which is an interesting read that gives you some ideas where phishing of the future may be headed. Also, some of the little stories in Chapter 7 are really interesting and left me wanting more!! The bit about scanning a whole Korean Class B subnet range looking for 0day phishing servers, is one example!

I read "Phishing: Cutting the Identity Theft Line" over the summer, and I think that "Phishing Exposed" gives the reader a better understanding of the current phishing problem and what needs to be done in the future to protect both consumers and businesses. I would say this book is the authoritive guide on phishing in 2005 and into 2006.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
1 of 1 people found the following review helpful By W Boudville HALL OF FAMETOP 1000 REVIEWERVINE VOICE on December 14, 2005
Format: Paperback
The book tries to do two things. It explains what phishing is and it offers countermeasures against it. On the first issue, it gives a decent explanation of the various forms of phishing. Like how it can be email that directs you to a website (pharm) run by the phisher.

On how to stop phishing, the book is sadly inadequate. For example, it explains how the phishers inject their messages into the Internet. This is the broader problem of spammers doing so. And for this, there is no feasible antidote. Mostly because of the early, trusting model of email sending that was developed for the Internet before the Web appeared. But also a deeper problem is that as the Internet continues to grow, with millions of new nodes added each year, each node is a potential injection point. Exacerbated by many of these nodes being computers owned by individuals, without the background to regularly install antivirus software.

Then there are the book's suggestions on good practices. It says that users who get messages claiming to be from a bank and asking them to login to a [fake] site should be sceptical. While this is correct advice, it relies on a user acting accordingly. But this human factor is weak. It is precisely this that the phishers direct their attacks at. You might not be fooled. Probably because you are concerned enough that you are considering reading the book, and are in fact reading this review right now. However, phishing, like spam, preferentially targets the ill-educated or gullible. And they are very unlikely to read this book or any others on the subject. The point is that if a recipient gets to the point of actually reading a phishing message, then it is already too late for some non-negligible percentage of users. And it is that percentage from which banks take losses.
Read more ›
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
1 of 1 people found the following review helpful By Tod Beardsley on July 16, 2006
Format: Paperback
If you're on your way to a security conference this summer, and you'd like to get up to speed on web site abuses and browser design vulnerabilities, this book makes for excellent airplane-reading fare. I say this because Phishing Exposed manages to succeed on two fronts: it is both an instructive technical reference, as well as a surprisingly compelling narrative.

The first is unsurprising -- it is, after all, a Syngress book, and so is typical of technical books from this imprint. The second accomplishment, though, was a pleasant surprise. It's not common that someone as deeply involved in the technologies of network security are also talented writers.

As an example, while documenting the technical characteristics of e-mail delivery, James illustrates example forensic techniques of identifying the home city, working schedule, and handedness of the attacker. It's this mix of CSI-meets-ITSec that makes the book an honest page-turner.

Given this literary attention to narrative and even elements of plot development (especially on the follow-the-breadcrumbs analysis of a seemingly endless series of HTTP redirects), this book illustrates the phishing problem in a way that both technically-oriented defenders and interested "power user" readers will understand and enjoy.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again

Most Recent Customer Reviews

Set up an Amazon Giveaway

Amazon Giveaway allows you to run promotional giveaways in order to create buzz, reward your audience, and attract new followers and customers. Learn more
Phishing Exposed
This item: Phishing Exposed
Price: $54.44
Ships from and sold by Amazon.com

What Other Items Do Customers Buy After Viewing This Item?