An essential anti-phishing desk reference for anyone with an email address Phishing Dark Waters addresses the growing and continuing scourge of phishing emails, and provides actionable defensive techniques and tools to help you steer clear of malicious emails.

Learn to catch a phish without becoming live bait.

Phishing e-mails create daily havoc for both individuals and organizations. A social engineering technique that preys on our human nature, phishing remains remarkably successful for scammers and malicious social engineers despite increasingly sophisticated security programs and awareness campaigns. Christopher Hadnagy and Michele Fincher, practitioners and consultants in human-based security, have spent years working to understand how and why phishing works. In this book, they dissect what a phish is, why it succeeds, and the principles behind it, fully exposing all of its flaws and detailing innovative ways to defend against it.

Focusing on the basics of the phish, the underlying psychology, the skillful use of influence, and a creative program to use the phisher's weapons against him, this highly readable guide provides tools for both individuals and corporations. Hadnagy and Fincher examine some of the most current and effective phish, show you how to spot a spoofed e-mail or cloned website, explore phishing education platforms that work, and demonstrate how to create your own phish to use in your security awareness program.

Despite legislation, user training, public awareness, and technical security, phishing persists because it exploits our natural responses to e-mail requests. Phishing Dark Waters, The Offensive and Defensive Sides of Malicious E-mails arms you with a greater understanding of:

• The psychological principles that make phishing effective
• High-profile breaches, including Target, RSA, and Coca-Cola, that began with a phish
• Common scams, including those following natural disasters and other highly publicized events
• Different goals of attackers: financial, corporate espionage, national security, and identity theft threats
• How to protect your enterprise with a corporate phishing program and integrate it into company policies
• Ways to catch a phish
• Why most security awareness programs don't work

An essential anti-phishing desk reference for anyone with an email address

Phishing Dark Waters addresses the growing and continuing scourge of phishing emails, and provides actionable defensive techniques and tools to help you steer clear of malicious emails. Phishing is analyzed from the viewpoint of human decision-making and the impact of deliberate influence and manipulation on the recipient. With expert guidance, this book provides insight into the financial, corporate espionage, nation state, and identity theft goals of the attackers, and teaches you how to spot a spoofed e-mail or cloned website. Included are detailed examples of high profile breaches at Target, RSA, Coca Cola, and the AP, as well as an examination of sample scams including the Nigerian 419, financial themes, and post high-profile event attacks. Learn how to protect yourself and your organization using anti-phishing tools, and how to create your own phish to use as part of a security awareness program.

Phishing is a social engineering technique through email that deceives users into taking an action that is not in their best interest, but usually with the goal of disclosing information or installing malware on the victim's computer. Phishing Dark Waters explains the phishing process and techniques, and the defenses available to keep scammers at bay.

• Learn what a phish is, and the deceptive ways they've been used
• Understand decision-making, and the sneaky ways phishers reel you in
• Recognize different types of phish, and know what to do when you catch one
• Use phishing as part of your security awareness program for heightened protection

Attempts to deal with the growing number of phishing incidents include legislation, user training, public awareness, and technical security, but phishing still exploits the natural way humans respond to certain situations. Phishing Dark Waters is an indispensible guide to recognizing and blocking the phish, keeping you, your organization, and your finances safe.