book

Fighting Phishing

Name: Fighting Phishing
Author: Roger A. Grimes
ISBN: 9781394249206

by Roger A. Grimes

February 2024

Intermediate to advanced

448 pages

9h 22m

English

Wiley

Read now

Unlock full access

Cover
Table of Contents
Title Page
Introduction
Who This Book Is ForWhat Is Covered in This BookHow to Contact Wiley or the Author
PART I: Introduction to Social Engineering Security
CHAPTER 1: Introduction to Social Engineering and Phishing
What Are Social Engineering and Phishing?How Prevalent Are Social Engineering and Phishing?Summary
CHAPTER 2: Phishing Terminology and Examples
Social EngineeringPhishWell-Known BrandsTop Phishing SubjectsStressor StatementsMalicious DownloadsMalwareBotsDownloaderAccount TakeoverSpamSpear PhishingWhalingPage HijackingSEO PharmingCalendar PhishingSocial Media PhishingRomance ScamsVishingPretextingOpen-Source IntelligenceCallback PhishingSmishingBusiness Email CompromiseSextortionBrowser AttacksBaitingQR PhishingPhishing Tools and KitsSummary
CHAPTER 3: 3x3 Cybersecurity Control Pillars
The Challenge of CybersecurityComplianceRisk ManagementDefense-In-Depth3x3 Cybersecurity Control PillarsSummary
PART II: Policies
CHAPTER 4: Acceptable Use and General Cybersecurity Policies
Acceptable Use Policy (AUP)General Cybersecurity PolicySummary

CHAPTER 5: Anti-Phishing Policies
The Importance of Anti-Phishing PoliciesWhat to IncludeSummary
CHAPTER 6: Creating a Corporate SAT Policy
Getting Started with Your SAT PolicyNecessary SAT Policy ComponentsExample of Security Awareness Training Corporate PolicyAcme Security Awareness Training Policy: Version 2.1Summary
PART III: Technical Defenses
CHAPTER 7: DMARC, SPF, and DKIM
The Core ConceptsA US and Global StandardEmail AddressesSender Policy Framework (SPF)Domain Keys Identified Mail (DKIM)Domain-based Message Authentication, Reporting, and Conformance (DMARC)Configuring DMARC, SPF, and DKIMPutting It All TogetherDMARC Configuration CheckingHow to Verify DMARC ChecksHow to Use DMARCWhat DMARC Doesn't DoOther DMARC ResourcesSummary
CHAPTER 8: Network and Server Defenses
Defining NetworkNetwork IsolationNetwork-Level Phishing AttacksNetwork- and Server-Level DefensesSummary
CHAPTER 9: Endpoint Defenses
Focusing on EndpointsAnti-Spam and Anti-Phishing FiltersAnti-MalwarePatch ManagementBrowser SettingsBrowser NotificationsEmail Client SettingsFirewallsPhishing-Resistant MFAPassword ManagersVPNsPrevent Unauthorized External Domain CollaborationDMARCEnd Users Should Not Be Logged on as AdminChange and Configuration ManagementMobile Device ManagementSummary
CHAPTER 10: Advanced Defenses
AI-Based Content FiltersSingle-Sign-OnsApplication Control ProgramsRed/Green DefensesEmail Server ChecksProactive Doppelganger SearchesHoneypots and CanariesHighlight New Email AddressesFighting USB AttacksPhone-Based TestingPhysical Penetration TestingSummary
PART IV: Creating a Great Security Awareness Program
CHAPTER 11: Security Awareness Training Overview
What Is Security Awareness Training?Goals of SATSenior Management SponsorshipAbsolutely Use Simulated Phishing TestsDifferent Types of TrainingComplianceLocalizationSAT Rhythm of the BusinessReporting/ResultsChecklistSummary
CHAPTER 12: How to Do Training Right
Designing an Effective Security Awareness Training ProgramBuilding/Selecting and Reviewing Training ContentAdditional ReferencesSummary
CHAPTER 13: Recognizing Rogue URLs
How to Read a URLMost Important URL InformationRogue URL TricksSummary
CHAPTER 14: Fighting Spear Phishing
BackgroundSpear Phishing ExamplesHow to Defend Against Spear PhishingSummary
CHAPTER 15: Forensically Examining Emails
Why Investigate?Why You Should Not InvestigateHow to InvestigateExamining EmailsClicking on Links and Running MalwareSubmit Links and File Attachments to AVThe Preponderance of EvidenceA Real-World Forensic Investigation ExampleSummary
CHAPTER 16: Miscellaneous Hints and Tricks
First-Time Firing OffenseText-Only EmailMemory IssuesSAT CounselorAnnual SAT User ConferenceVoice-Call TestsCredential SearchesDark Web SearchesSocial Engineering Penetration TestsRansomware RecoveryPatch, Patch, PatchCISA Cybersecurity Awareness ProgramPasskeysAvoid Controversial Simulated Phishing SubjectsPractice and Teach MindfulnessMust Have Mindfulness ReadingSummary
CHAPTER 17: Improving Your Security Culture
What Is a Security Culture?Seven Dimensions of a Security CultureImproving Security CultureOther ResourcesSummary
Conclusion
Acknowledgments
About the Author
Index
Copyright
Dedication
End User License Agreement

Content preview from Fighting Phishing

CHAPTER 10Advanced Defenses

Chapter 10 will round out Part III, “Technical Defenses,” by discussing advanced defenses, which covers everything from more sophisticated defenses to good defenses either difficult to deploy or rarely used. But make no mistake about it, these technical defenses, if implemented, could significantly diminish cybersecurity risks related to fighting social engineering and phishing.

AI-Based Content Filters

Previous chapters have covered the importance of having phish-mitigating content filters at both the network and endpoint levels. Any technical defense that can prevent a malicious message from making it to the end user is worthwhile. There are many dozens of Artificial Intelligence-based (AI-based) and otherwise, free and commercial systems, that will detect phishing messages.

The only downside is that most anti-phishing content filtering tools are directed only toward emails and maybe browser-based attacks. It is difficult to impossible to have the same level of content-filtering leveled at SMS-based messages, voice-based calls, productivity apps (like Microsoft Teams, Slack, etc.), and certainly in-person scams. The best future state we can imagine has some form of content-filtering tool involved no matter how the message arrives.

One definition of AI is the intended simulation of human intelligence, including a computer system being capable of producing brand-new content, thought, selection, and direction, beyond what it was directly instructed ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Cybersecurity – Attack and Defense Strategies - Third Edition

Publisher Resources

ISBN: 9781394249206Purchase Link

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills

Fighting Phishing

by Roger A. Grimes

CHAPTER 10Advanced Defenses

AI-Based Content Filters

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.