- Paperback: 334 pages
- Publisher: Wiley; 1 edition (May 6, 2005)
- Language: English
- ISBN-10: 0764584987
- ISBN-13: 978-0764584985
- Product Dimensions: 7.3 x 0.8 x 9.2 inches
- Shipping Weight: 1 pounds (View shipping rates and policies)
- Average Customer Review: 11 customer reviews
- Amazon Best Sellers Rank: #3,391,599 in Books (See Top 100 in Books)
Enter your mobile number or email address below and we'll send you a link to download the free Kindle App. Then you can start reading Kindle books on your smartphone, tablet, or computer - no Kindle device required.
To get the free app, enter your mobile phone number.
Phishing: Cutting the Identity Theft Line 1st Edition
Use the Amazon App to scan ISBNs and compare prices.
The Amazon Book Review
Author interviews, book reviews, editors picks, and more. Read it now
“…written by a phishing security expert at a top financial institution, this unique book helps IT professionals respond to phishing incidents…” (Computing, 28 July 2005)
From the Back Cover
Have you been caught yet?
They don't just want to know who you are, they want to BE who you are. By duplicating a legitimate website, phishers can convince you that email asking for your personal information came from your bank, an online retailer, even your ISP. Their high-tech identity theft costs American consumers and businesses billions, and if you access the Internet, you're a target. Whether you manage corporate security or just shop online, this book is loaded with weapons you can't afford to be without.
- Be able to identify and avoid phishing emails and websites
- Recognize spyware, understand how it benefits phishers, and learn how to get rid of it
- Take appropriate steps to safeguard your organization against attack
- Learn how to protect yourself online
- Find out how to report phishing incidents, and why you should
- Understand the scope of phishing and how it threatens our online infrastructure
- Explore additional resources that will keep you up to date
- Discover how to get off the hook if you've already swallowed the bait
Browse award-winning titles. See more
Top customer reviews
There was a problem filtering reviews right now. Please try again later.
The authors have identified the key readership as "Incident Response Teams", "Information Security Professionals", "Executive Management", and "Everyone who uses the Internet". The technical detail and complexity is great for the first three categories of readership, but stating the book should be read by "everyone who uses the Internet" is, well, stretching it because that is virtually everyone on the planet with an Internet connection. People who go to [...], for example, will have a lot of difficulty following the book and knowing which bits are both relevant and simple enough to put into their daily lives. However, most people understand how a book is presented so long as they follow the Contents page and use it prescriptively; even the technically challenged will get something from it.
One last thing. I like the fact the authors have backed up what they talk about with references and follow on information. For example, when they talk about identity theft and how it impacts everyday people like you and me, they also provide details about what to do and where to go for help. It's one thing to ramble on about a problem; it is another to give guidance and support to those whose lives have been impacted by this social menace.
I could think of worse things to waste $30 on, frankly. I doubt you will regret buying it unless you want something simple and non-technical.
Phishing and identity theft are serious threats. However, as the authors point out early on in the book, identity theft has been around as long as there have been identities and is not unique to computers or the Internet. Phishing attacks are simply a new tool for identity thieves to use.
Phishing provides the information that consumers need to understand the threat and the risks and arm themselves to safeguard their information and defend against phishing attacks. The book is not bogged down with dry detail, but provides a ton of useful and necessary information in an easy-to-read format.
After reading this book, users will understand just how phishing works ad how it ties together with spam, spyware and other threats. Readers will also learn how to avoid becoming a phishing victim as well as who to contact or how to respond if they do.
This is an excellent book that just about anyone who uses computers should read.
Phishing is essentially a detailed security awareness text focusing on phishing and identity theft. Its main aim is to enable the reader to identify and avoid phishing emails and websites, with secondary objectives being to raise awareness of spyware and other forms of malware, and to advise those who have already swallowed the phisher's bait.
The two chapters giving advice for financial services and similar companies whose customers are being phished are fairly weak, but to be fair there is not a huge amount they can do. Two chapters of advice for ordinary computer users go well beyond the usual `watch out for phishing emails', covering aspects such as antivirus and patching.
The following audiences are identified:
- Incident response teams at financial institutions
- Information security professionals and management
- Executive management of any company whose brand might be spoofed
- Everyone who uses the Internet
Phishing is quite a long and specific book that seems unlikely to be read by many non-technical readers, despite its laudable aims. The professional readership will benefit from this book.
Rachael Lininger is billed as a `technical writer in the information security department of a major US financial institution'. It is clear from her writing that she has written up a lot of phishing attacks before.
Russel Dean Vines is a well-qualified information security consultant and cyber-counterterrorism specialist as well as an accomplished jazz musician.
Although the topics are quite technical in places, the book treads a fine line between oversimplifying things and delving too deeply. Rachael's sections include some very welcome tongue-in-cheek asides and even the odd Monty Python reference to brighten up an otherwise rather dry topic. There are plenty of examples of phishing emails, analyzed down to the level of the HTML code, and URLs for more information.
Although things are moving rapidly in this field, Phishing remains relevant and useful two years or more after it was written. The authors' experience evidently qualified them to take a forward-looking perspective. This should definitely be on the bookshelf of the information security department at any eBusiness.