Qty:1
  • List Price: $54.95
  • Save: $7.12 (13%)
Only 2 left in stock (more on the way).
Ships from and sold by Amazon.com.
Gift-wrap available.
Add to Cart
FREE Shipping on orders over $35.
Used: Very Good | Details
Sold by extracash4kids
Condition: Used: Very Good
Comment: Minor wear to the cover and/or dust jacket and some pages, no writing or highlighting insde!!! ITEM SHIPS FBA FROM AMAZON!!! GET IT FAST!!!
Add to Cart
Have one to sell? Sell on Amazon
Flip to back Flip to front
Listen Playing... Paused   You're listening to a sample of the Audible audio edition.
Learn more
See this image

Phishing Exposed Paperback – January 20, 2006


See all 2 formats and editions Hide other formats and editions
Amazon Price New from Used from
Kindle
"Please retry"
Rent from
$15.63
Paperback
"Please retry"
$47.83
$26.20 $0.01


Frequently Bought Together

Phishing Exposed + Phishing and Countermeasures: Understanding the Increasing Problem of Electronic Identity Theft
Price for both: $134.39

Buy the selected items together

NO_CONTENT_IN_FEATURE
Shop the New Digital Design Bookstore
Check out the Digital Design Bookstore, a new hub for photographers, art directors, illustrators, web developers, and other creative individuals to find highly rated and highly relevant career resources. Shop books on web development and graphic design, or check out blog posts by authors and thought-leaders in the design industry. Shop now

Product Details

  • Paperback: 450 pages
  • Publisher: Syngress; 1 edition (January 20, 2006)
  • Language: English
  • ISBN-10: 159749030X
  • ISBN-13: 978-1597490306
  • Product Dimensions: 9.9 x 7 x 1 inches
  • Shipping Weight: 1.3 pounds (View shipping rates and policies)
  • Average Customer Review: 4.3 out of 5 stars  See all reviews (11 customer reviews)
  • Amazon Best Sellers Rank: #2,074,879 in Books (See Top 100 in Books)

More About the Author

Lance James is an American computer scientist, considered an expert on computer security techniques such as anti-phishing. He has been quoted on the subject in multiple media outlets, including CBC, CNN, the BBC, the David Lawrence Show, ZDNet, Wired News, CSO, USA Today, Fox News, and the Washington Post.

He was born in 1978 in Wenatchee, Washington. His father was a Marine, and his mother was a diplomat working in the Canadian foreign service. His maternal grandfather Eric Maughan, is notable for being a centenarian, having turned 100 on August 31, 2005.

Because of his father's career, the family moved often, and James attended multiple high schools, from North Carolina to Burnaby North Secondary School, in Burnaby, British Columbia (the same school from which Michael J. Fox graduated), and Mount Vernon High School in Mount Vernon, Washington, from where he graduated. His first career was as a musician. He studied violin under Sherry Kloss, and then played jazz flamenco music in various locations in San Diego, with the band "Gatos Papacitos," playing violin and occasionally keyboards. At one point he was managed by Marcus Breaux ("Chance Styles"), until Breaux's untimely death.

In October 2001, James founded invisiblenet.net, a distributed cryptographic framework for the internet for anonymity and privacy.

In 2003, James founded "Secure Science Corporation", where he is currently CTO. SSC provides intelligence-based services and products for computer forensics and anti-phishing applications, providing intelligence to major financial institutions and government agencies.

James has been a keynote speaker at Secret Service Electronic Crimes Task Force meetings, and several major universities, including the University of Wisconsin-Madison's "Takedown" conference, in 2005, Rochester Institute of Technology, University of California San Diego, San Diego State University, and Cal State Poly. He also speaks to several law enforcement, regulatory, and intelligence agencies, the Pentagon, Anti-Phishing Working Group, Digital-Phishnet, UNAM-CERT, HTCIA Hong Kong, SANS, BIT, and testifies as an expert witness in U.S. Congressional Hearings.

James was married in 2002, and lives with his wife and children in San Diego.

Customer Reviews

4.3 out of 5 stars
5 star
8
4 star
1
3 star
0
2 star
1
1 star
1
See all 11 customer reviews
The author does a good job of explaining things to non technical people, before getting in depth and extremely technical.
N. Kapitanski
I was surprised by the extent to which the author could repeatedly abuse high-profile financial sites, and for that reason I highly recommend reading Phishing Exposed.
Richard Bejtlich
Most of the samples of spam we have here are Lance's own fake phishing spams, similar to examples you will read in the scripting sections.
Marnie_ATL

Most Helpful Customer Reviews

5 of 5 people found the following review helpful By Richard Bejtlich on March 10, 2006
Format: Paperback
Phishing Exposed is a powerful analysis of the many severe problems present in Web-based activities. Phishing Exposed is another threat-centric title from Syngress. The book presents research conducted by Secure Science Corporation as a way to understand the adversary. The author demonstrates his own attacks against multiple popular e-commerce sites as a way to show how phishers accomplish their goals. I was surprised by the extent to which the author could repeatedly abuse high-profile financial sites, and for that reason I highly recommend reading Phishing Exposed.

The book begins with an overview of the phishing problem. Three basic phishing techniques (impersonation, forwarding, and popup) are explained. The mechanics of email and HTTP are also described. The heart of the book appears in chapters 4 and 5, where almost 270 pages are devoted to the author's assessment and abuse of banking sites. I was shocked by the author's ability to repeatedly take advantage of vulnerabilities in client and server software and configuration. These chapters made me wonder if it is possible for an average end user -- or even a skilled technical user -- running popular operating systems and browsers to survive these sorts of high-end attacks.

Ch 6 featured some innovative material on subverting caller ID by using Voice over IP and other methods. I also appreciated the historical perspective in that chapter.

My only real concern is that the author devoted lots of material to his own attacks, and not as much to attacks by real phishers. I would have liked additional details on how to detect and potentially defeat these attacks using network-based and proxy-based means.
Read more ›
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
6 of 8 people found the following review helpful By N. Kapitanski on November 21, 2005
Format: Paperback
This is a great book! The author really knows what he's talking about and the ideas he presents give a great indication as to where phishing is going in the future. The exploits detailed in the book are technical, educating and even down right genius, such as the Yahoo Cross Site Scripting attack. The author does a good job of explaining things to non technical people, before getting in depth and extremely technical.

The book does a great job of covering a wide range of topics related to phishing so the reader understands the phishing process as a whole. Even Caller ID spoofing and anonymous telephony is included in Chapter 6, which is an interesting read that gives you some ideas where phishing of the future may be headed. Also, some of the little stories in Chapter 7 are really interesting and left me wanting more!! The bit about scanning a whole Korean Class B subnet range looking for 0day phishing servers, is one example!

I read "Phishing: Cutting the Identity Theft Line" over the summer, and I think that "Phishing Exposed" gives the reader a better understanding of the current phishing problem and what needs to be done in the future to protect both consumers and businesses. I would say this book is the authoritive guide on phishing in 2005 and into 2006.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
1 of 1 people found the following review helpful By Tod Beardsley on July 16, 2006
Format: Paperback
If you're on your way to a security conference this summer, and you'd like to get up to speed on web site abuses and browser design vulnerabilities, this book makes for excellent airplane-reading fare. I say this because Phishing Exposed manages to succeed on two fronts: it is both an instructive technical reference, as well as a surprisingly compelling narrative.

The first is unsurprising -- it is, after all, a Syngress book, and so is typical of technical books from this imprint. The second accomplishment, though, was a pleasant surprise. It's not common that someone as deeply involved in the technologies of network security are also talented writers.

As an example, while documenting the technical characteristics of e-mail delivery, James illustrates example forensic techniques of identifying the home city, working schedule, and handedness of the attacker. It's this mix of CSI-meets-ITSec that makes the book an honest page-turner.

Given this literary attention to narrative and even elements of plot development (especially on the follow-the-breadcrumbs analysis of a seemingly endless series of HTTP redirects), this book illustrates the phishing problem in a way that both technically-oriented defenders and interested "power user" readers will understand and enjoy.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
3 of 4 people found the following review helpful By sixmonkeyjungle on August 28, 2006
Format: Paperback
Phishing quickly exploded from a nuisance to a full-fledged threat in the middle of 2005. Weaknesses in email, combined with flaws in Web security and with a little social engineering mixed in make for an effective tool to get the attention of users and lure unsuspecting people into the trap.

It didn't take long for the organized crime elements of the malware underground to recognize the power and efficiency of this tool. Phishing is a virtual poster-child for the convergence of malware because it is a malicious tool that helps tie viruses, worms, spam, Trojans and other malware together and get them delivered effectively to their designated targets.

While a book like Phishing: Cutting The Identity Theft Line is aimed at managers and executives and users, this book is more along the lines of Inside The Spam Cartel in the way it dives deeper to look at the secrets and techniques and explore the underground that makes it work.

While the content is more technical, James writing is engaging. Phishing Exposed is an excellent resource for developers, specifically Web developers, and for security experts to understand more about how and why phishing works, rather than just what it is and how to detect and defend against it.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again

Customer Images

Most Recent Customer Reviews

Search