book

Fighting Phishing

Name: Fighting Phishing
Author: Roger A. Grimes
ISBN: 9781394249206

by Roger A. Grimes

February 2024

Intermediate to advanced

448 pages

9h 22m

English

Wiley

Read now

Unlock full access

Cover
Table of Contents
Title Page
Introduction
Who This Book Is ForWhat Is Covered in This BookHow to Contact Wiley or the Author
PART I: Introduction to Social Engineering Security
CHAPTER 1: Introduction to Social Engineering and Phishing
What Are Social Engineering and Phishing?How Prevalent Are Social Engineering and Phishing?Summary
CHAPTER 2: Phishing Terminology and Examples
Social EngineeringPhishWell-Known BrandsTop Phishing SubjectsStressor StatementsMalicious DownloadsMalwareBotsDownloaderAccount TakeoverSpamSpear PhishingWhalingPage HijackingSEO PharmingCalendar PhishingSocial Media PhishingRomance ScamsVishingPretextingOpen-Source IntelligenceCallback PhishingSmishingBusiness Email CompromiseSextortionBrowser AttacksBaitingQR PhishingPhishing Tools and KitsSummary
CHAPTER 3: 3x3 Cybersecurity Control Pillars
The Challenge of CybersecurityComplianceRisk ManagementDefense-In-Depth3x3 Cybersecurity Control PillarsSummary
PART II: Policies
CHAPTER 4: Acceptable Use and General Cybersecurity Policies
Acceptable Use Policy (AUP)General Cybersecurity PolicySummary

CHAPTER 5: Anti-Phishing Policies
The Importance of Anti-Phishing PoliciesWhat to IncludeSummary
CHAPTER 6: Creating a Corporate SAT Policy
Getting Started with Your SAT PolicyNecessary SAT Policy ComponentsExample of Security Awareness Training Corporate PolicyAcme Security Awareness Training Policy: Version 2.1Summary
PART III: Technical Defenses
CHAPTER 7: DMARC, SPF, and DKIM
The Core ConceptsA US and Global StandardEmail AddressesSender Policy Framework (SPF)Domain Keys Identified Mail (DKIM)Domain-based Message Authentication, Reporting, and Conformance (DMARC)Configuring DMARC, SPF, and DKIMPutting It All TogetherDMARC Configuration CheckingHow to Verify DMARC ChecksHow to Use DMARCWhat DMARC Doesn't DoOther DMARC ResourcesSummary
CHAPTER 8: Network and Server Defenses
Defining NetworkNetwork IsolationNetwork-Level Phishing AttacksNetwork- and Server-Level DefensesSummary
CHAPTER 9: Endpoint Defenses
Focusing on EndpointsAnti-Spam and Anti-Phishing FiltersAnti-MalwarePatch ManagementBrowser SettingsBrowser NotificationsEmail Client SettingsFirewallsPhishing-Resistant MFAPassword ManagersVPNsPrevent Unauthorized External Domain CollaborationDMARCEnd Users Should Not Be Logged on as AdminChange and Configuration ManagementMobile Device ManagementSummary
CHAPTER 10: Advanced Defenses
AI-Based Content FiltersSingle-Sign-OnsApplication Control ProgramsRed/Green DefensesEmail Server ChecksProactive Doppelganger SearchesHoneypots and CanariesHighlight New Email AddressesFighting USB AttacksPhone-Based TestingPhysical Penetration TestingSummary
PART IV: Creating a Great Security Awareness Program
CHAPTER 11: Security Awareness Training Overview
What Is Security Awareness Training?Goals of SATSenior Management SponsorshipAbsolutely Use Simulated Phishing TestsDifferent Types of TrainingComplianceLocalizationSAT Rhythm of the BusinessReporting/ResultsChecklistSummary
CHAPTER 12: How to Do Training Right
Designing an Effective Security Awareness Training ProgramBuilding/Selecting and Reviewing Training ContentAdditional ReferencesSummary
CHAPTER 13: Recognizing Rogue URLs
How to Read a URLMost Important URL InformationRogue URL TricksSummary
CHAPTER 14: Fighting Spear Phishing
BackgroundSpear Phishing ExamplesHow to Defend Against Spear PhishingSummary
CHAPTER 15: Forensically Examining Emails
Why Investigate?Why You Should Not InvestigateHow to InvestigateExamining EmailsClicking on Links and Running MalwareSubmit Links and File Attachments to AVThe Preponderance of EvidenceA Real-World Forensic Investigation ExampleSummary
CHAPTER 16: Miscellaneous Hints and Tricks
First-Time Firing OffenseText-Only EmailMemory IssuesSAT CounselorAnnual SAT User ConferenceVoice-Call TestsCredential SearchesDark Web SearchesSocial Engineering Penetration TestsRansomware RecoveryPatch, Patch, PatchCISA Cybersecurity Awareness ProgramPasskeysAvoid Controversial Simulated Phishing SubjectsPractice and Teach MindfulnessMust Have Mindfulness ReadingSummary
CHAPTER 17: Improving Your Security Culture
What Is a Security Culture?Seven Dimensions of a Security CultureImproving Security CultureOther ResourcesSummary
Conclusion
Acknowledgments
About the Author
Index
Copyright
Dedication
End User License Agreement

Content preview from Fighting Phishing

CHAPTER 2Phishing Terminology and Examples

Chapter 2 will define dozens of terms used when discussing phishing-related events. It will include examples of many different types of phishing. My hope is that everyone, whether new to phishing or not, will walk away with a stronger base understanding of what's possible with social engineering and phishing.

Social Engineering

Let's revisit the definition of social engineering from Chapter 1, “Introduction to Social Engineering and Phishing.” As used in this book, social engineering is a malicious scam, where a perpetrator is often pretending to be someone else, a group, or a brand that the potential victim might implicitly trust more (than an unknown person), attempting to get the victim to perform an action that is contrary to their self-interests.

Phish

As discussed in Chapter 1, phishing is a type of criminal social engineering that involves online digital media. Phishing can happen in many different ways, including email (the most popular method), voice calls, in-person, websites, text messages, instant messaging, collaboration apps, and social media. Figure 2-1 is an example of a common type of phishing email.

FIGURE 2-1 Example of a common type of phishing email.

In this example, a fake Netflix email is trying to get the potential victim's Netflix login credentials or credit card number. You can see that the originating ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Cybersecurity – Attack and Defense Strategies - Third Edition

Publisher Resources

ISBN: 9781394249206Purchase Link

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design