Enjoy fast, FREE delivery, exclusive deals and award-winning movies & TV shows with Prime
Try Prime
and start saving today with Fast, FREE Delivery
Amazon Prime includes:
Fast, FREE Delivery is available to Prime members. To join, select "Try Amazon Prime and start saving today with Fast, FREE Delivery" below the Add to Cart button.
Amazon Prime members enjoy:- Cardmembers earn 5% Back at Amazon.com with a Prime Credit Card.
- Unlimited Free Two-Day Delivery
- Instant streaming of thousands of movies and TV episodes with Prime Video
- A Kindle book to borrow for free each month - with no due dates
- Listen to over 2 million songs and hundreds of playlists
- Unlimited photo storage with anywhere access
Important: Your credit card will NOT be charged when you start your free trial or if you cancel during the trial period. If you're happy with Amazon Prime, do nothing. At the end of the free trial, your membership will automatically upgrade to a monthly membership.
Buy new:
$16.95$16.95
FREE delivery: Thursday, July 27 on orders over $25.00 shipped by Amazon.
Ships from: Amazon.com Sold by: Amazon.com
Buy used: $8.97
Other Sellers on Amazon
& FREE Shipping
+ $3.99 shipping
82% positive over last 12 months
Usually ships within 4 to 5 days.
& FREE Shipping
88% positive over last 12 months
Download the free Kindle app and start reading Kindle books instantly on your smartphone, tablet, or computer - no Kindle device required. Learn more
Read instantly on your browser with Kindle for Web.
Using your mobile phone camera - scan the code below and download the Kindle app.
Follow the Authors
OK
The Art of Deception: Controlling the Human Element of Security Paperback – October 17, 2003
| Price | New from | Used from |
|
Audible Audiobook, Unabridged
"Please retry" |
$0.00
| Free with your Audible trial | |
|
Audio CD, MP3 Audio, Unabridged
"Please retry" | $27.29 | — |
Explore your book, then jump right back to where you left off with Page Flip.
View high quality images that let you zoom in to take a closer look.
Enjoy features only possible in digital – start reading right away, carry your library with you, adjust the font, create shareable notes and highlights, and more.
Discover additional details about the events, people, and places in your book, with Wikipedia integration.
Purchase options and add-ons
Kevin Mitnick's exploits as a cyber-desperado and fugitive form one of the most exhaustive FBI manhunts in history and have spawned dozens of articles, books, films, and documentaries. Since his release from federal prison, in 1998, Mitnick has turned his life around and established himself as one of the most sought-after computer security experts worldwide. Now, in The Art of Deception, the world's most notorious hacker gives new meaning to the old adage, "It takes a thief to catch a thief."
Focusing on the human factors involved with information security, Mitnick explains why all the firewalls and encryption protocols in the world will never be enough to stop a savvy grifter intent on rifling a corporate database or an irate employee determined to crash a system. With the help of many fascinating true stories of successful attacks on business and government, he illustrates just how susceptible even the most locked-down information systems are to a slick con artist impersonating an IRS agent. Narrating from the points of view of both the attacker and the victims, he explains why each attack was so successful and how it could have been prevented in an engaging and highly readable style reminiscent of a true-crime novel. And, perhaps most importantly, Mitnick offers advice for preventing these types of social engineering hacks through security protocols, training programs, and manuals that address the human element of security.
- Print length368 pages
- LanguageEnglish
- PublisherWiley
- Publication dateOctober 17, 2003
- Dimensions6 x 1 x 0 inches
- ISBN-10076454280X
- ISBN-13978-0764542800
Books with Buzz
Discover the latest buzz-worthy books, from mysteries and romance to humor and nonfiction. Explore more
Frequently bought together

More items to explore
Editorial Reviews
Review
"...a lot of interesting cautionary tales..." (New Scientist, January 2004)
Product details
- Publisher : Wiley; 1st edition (October 17, 2003)
- Language : English
- Paperback : 368 pages
- ISBN-10 : 076454280X
- ISBN-13 : 978-0764542800
- Item Weight : 15.2 ounces
- Dimensions : 6 x 1 x 0 inches
- Best Sellers Rank: #4,831 in Books (See Top 100 in Books)
- #2 in CompTIA Certification Guides
- #3 in Information Management (Books)
- #5 in Computer Hacking
- Customer Reviews:
Important information
To report an issue with this product, click here.
About the authors

William L. Simon is the author or co-author of more than 30 books, including numerous New York Times, national, and international bestsellers. Born in Washington, DC, he holds two degrees from Cornell University, and has been a freelance writer ever since -- first as a writer of documentaries, corporate, and informational films, then as a book author. He is a member of the Writers Guild of America, West, and now lives in Los Angeles.
Customer reviews
Customer Reviews, including Product Star Ratings help customers to learn more about the product and decide whether it is the right product for them.
To calculate the overall star rating and percentage breakdown by star, we don’t use a simple average. Instead, our system considers things like how recent a review is and if the reviewer bought the item on Amazon. It also analyzed reviews to verify trustworthiness.
Learn more how customers reviews work on AmazonReviewed in the United States on February 15, 2022
-
Top reviews
Top reviews from the United States
There was a problem filtering reviews right now. Please try again later.
This book focuses on the human element of computer security. Reminding us that even the most sophisticated high-tech security systems can be rendered worthless if the people running them are not sufficiently vigilant, Mitnick goes on to point out the myriad ways in which human carelessness can contribute to security breaches. An experienced con artist who is well-versed in social engineering techniques can often do far more damage by manipulating people to provide information they shouldn't than by relying on technologically sophisticated hacking methods.
The book is interesting for the most part, though it would have benefited from a 25% reduction in length, and there are some annoying stylistic tics. Throughout the first 14 chapters, each of which reviews a particular type of `con' used by hackers/social engineers to breach computer security, the chapter setup follows the same schema:
(i) an anecdote or vignette, involving fictitious characters but based on actual events, which lays out the deception as it unfolds, following it through to the successful breach (ii) analysis of the `con', focusing specifically on the mistakes or behaviors (at the individual and at the organizational level) which allowed it to succeed (iii) discussion of the changes that would be needed to stop the con from succeeding (e.g. behavior of individual employees, corporate policies and procedures, computer software and hardware). This is actually a pretty decent way to make the points Mitnick wants to get across - starting out with a concrete example of how things go wrong gets attention and motivates the reader to read on to figure out the solution.
One feature of the book which was meant to be helpful started to annoy me by about the third chapter. Interspersed throughout each chapter, the authors insert highlighted textboxes of two types: `lingo' - repeating the definition of a concept already adequately defined in the text, or `mitnick messages' - which seemed superfluous, and a little condescending, as they generally repeated what was already obvious. In general, this is not a book you will read for the delights of its prose style (after successfully gaining access to a cache of hidden documents, one hacker is described as spending his evening gleefully "pouring over" the documents); however, the prose is serviceable, managing to avoid lapses into the dreaded corpspeak, for the most part.
For some readers, the most useful part of the book may be its final two chapters. Here the authors lay out, in considerable detail, outlines for recommended corporate information security policies, and an associated training program on information security awareness. Though I am no expert in these areas, the outlines strike me as being commendably thorough - complete enough that they could be fleshed out without too much difficulty to generate a comprehensive set of policies and procedures.
Despite some redundancy, and occasional infelicities of style, this book seemed to me to be interesting, and likely to be practically useful.
Our tendency to be helpful.
Our tendency to let someone new come into our lives
Etc,..
I will be honest, after spending 13 years in financial and marketing industry and reading 1000s of books and having 1000s of experiences I promise if someone wants to set me up they probably can.
It's really hard to get away from a good setup.
One thing that helped me all these years is that at the end of the day I ask myself two questions. This is a routine I do every day and been doing it for almost 10 years now.
1. Did I try to help a stranger or someone I know today? If yes, then what was the context.
2. Did someone came in my life trying to do good things for me out of blue? (This can be a friend that randomly texts you on FB or emails you after ages.)
Kevin Mitnick, likely the most notorious hackers in history, has written a book containing 'fictional' accounts of how "social engineers" (basically just con-men, but also private investigators) can talk their way past people and get to whatever information they need. You rarely need a computer, let alone one powerful enough to crack encryption and passwords, to get the information you want if you can simply talk the talk- convince people you are inside the company and know what you are talking about, and more often than not they will tell you what you want to know. The beauty of stealing information is that it is difficult to know that a theft has occurred. After each story Mitnick analyzes what happened and how it could be prevented. The end of the book summarizes with a list of security policies to help prevent social engineering attacks. Admittedly, a lot of the policies are common sense, like don't give out your password, but that should help to illustrate just how much of a vulnerability we humans are to information security.
The book is not very technical at all, so if you are looking for detailed technical accounts of Mitnick's exploits, look elsewhere. The book does suffer from poor organization and there is a fair bit of redundant material, but I didn't find it to be a major drawback. This book should be read by just about anyone and everyone- we are culturally expected to be helpful to strangers, and should remain so, but there is a need to be vigilant when people start asking for sensitive information. I would imagine that identity theft would be reduced if more people were aware of the tactics that the ne'er-do-wells use.











