book

Fighting Phishing

Name: Fighting Phishing
Author: Roger A. Grimes
ISBN: 9781394249206

by Roger A. Grimes

February 2024

Intermediate to advanced

448 pages

9h 22m

English

Wiley

Read now

Unlock full access

Cover
Table of Contents
Title Page
Introduction
Who This Book Is ForWhat Is Covered in This BookHow to Contact Wiley or the Author
PART I: Introduction to Social Engineering Security
CHAPTER 1: Introduction to Social Engineering and Phishing
What Are Social Engineering and Phishing?How Prevalent Are Social Engineering and Phishing?Summary
CHAPTER 2: Phishing Terminology and Examples
Social EngineeringPhishWell-Known BrandsTop Phishing SubjectsStressor StatementsMalicious DownloadsMalwareBotsDownloaderAccount TakeoverSpamSpear PhishingWhalingPage HijackingSEO PharmingCalendar PhishingSocial Media PhishingRomance ScamsVishingPretextingOpen-Source IntelligenceCallback PhishingSmishingBusiness Email CompromiseSextortionBrowser AttacksBaitingQR PhishingPhishing Tools and KitsSummary
CHAPTER 3: 3x3 Cybersecurity Control Pillars
The Challenge of CybersecurityComplianceRisk ManagementDefense-In-Depth3x3 Cybersecurity Control PillarsSummary
PART II: Policies
CHAPTER 4: Acceptable Use and General Cybersecurity Policies
Acceptable Use Policy (AUP)General Cybersecurity PolicySummary

CHAPTER 5: Anti-Phishing Policies
The Importance of Anti-Phishing PoliciesWhat to IncludeSummary
CHAPTER 6: Creating a Corporate SAT Policy
Getting Started with Your SAT PolicyNecessary SAT Policy ComponentsExample of Security Awareness Training Corporate PolicyAcme Security Awareness Training Policy: Version 2.1Summary
PART III: Technical Defenses
CHAPTER 7: DMARC, SPF, and DKIM
The Core ConceptsA US and Global StandardEmail AddressesSender Policy Framework (SPF)Domain Keys Identified Mail (DKIM)Domain-based Message Authentication, Reporting, and Conformance (DMARC)Configuring DMARC, SPF, and DKIMPutting It All TogetherDMARC Configuration CheckingHow to Verify DMARC ChecksHow to Use DMARCWhat DMARC Doesn't DoOther DMARC ResourcesSummary
CHAPTER 8: Network and Server Defenses
Defining NetworkNetwork IsolationNetwork-Level Phishing AttacksNetwork- and Server-Level DefensesSummary
CHAPTER 9: Endpoint Defenses
Focusing on EndpointsAnti-Spam and Anti-Phishing FiltersAnti-MalwarePatch ManagementBrowser SettingsBrowser NotificationsEmail Client SettingsFirewallsPhishing-Resistant MFAPassword ManagersVPNsPrevent Unauthorized External Domain CollaborationDMARCEnd Users Should Not Be Logged on as AdminChange and Configuration ManagementMobile Device ManagementSummary
CHAPTER 10: Advanced Defenses
AI-Based Content FiltersSingle-Sign-OnsApplication Control ProgramsRed/Green DefensesEmail Server ChecksProactive Doppelganger SearchesHoneypots and CanariesHighlight New Email AddressesFighting USB AttacksPhone-Based TestingPhysical Penetration TestingSummary
PART IV: Creating a Great Security Awareness Program
CHAPTER 11: Security Awareness Training Overview
What Is Security Awareness Training?Goals of SATSenior Management SponsorshipAbsolutely Use Simulated Phishing TestsDifferent Types of TrainingComplianceLocalizationSAT Rhythm of the BusinessReporting/ResultsChecklistSummary
CHAPTER 12: How to Do Training Right
Designing an Effective Security Awareness Training ProgramBuilding/Selecting and Reviewing Training ContentAdditional ReferencesSummary
CHAPTER 13: Recognizing Rogue URLs
How to Read a URLMost Important URL InformationRogue URL TricksSummary
CHAPTER 14: Fighting Spear Phishing
BackgroundSpear Phishing ExamplesHow to Defend Against Spear PhishingSummary
CHAPTER 15: Forensically Examining Emails
Why Investigate?Why You Should Not InvestigateHow to InvestigateExamining EmailsClicking on Links and Running MalwareSubmit Links and File Attachments to AVThe Preponderance of EvidenceA Real-World Forensic Investigation ExampleSummary
CHAPTER 16: Miscellaneous Hints and Tricks
First-Time Firing OffenseText-Only EmailMemory IssuesSAT CounselorAnnual SAT User ConferenceVoice-Call TestsCredential SearchesDark Web SearchesSocial Engineering Penetration TestsRansomware RecoveryPatch, Patch, PatchCISA Cybersecurity Awareness ProgramPasskeysAvoid Controversial Simulated Phishing SubjectsPractice and Teach MindfulnessMust Have Mindfulness ReadingSummary
CHAPTER 17: Improving Your Security Culture
What Is a Security Culture?Seven Dimensions of a Security CultureImproving Security CultureOther ResourcesSummary
Conclusion
Acknowledgments
About the Author
Index
Copyright
Dedication
End User License Agreement

Content preview from Fighting Phishing

CHAPTER 13Recognizing Rogue URLs

Most phishing attempts include a rogue URL, which, if the potential victim clicks on it, will attempt to get the victim to perform an action against the victim's self-interests. The link may take the potential victim to a malicious website, attempt to launch malicious content, or ask the victim for confidential information. Teaching a user how to tell the difference between a legitimate and a rogue URL is one of the best skills that can be learned. Chapter 13 will cover how any user can tell the difference between a rogue and a legitimate URL link.

How to Read a URL

URL stands for uniform resource locator (URL), which is the formatting standard for representing the location of digital objects on networks. Simply, a URL is an address for an object on the Internet. The most common places people see URLs are in emails and the address location of their Internet browser. URLs most often represent objects and locations on the World Wide Web (WWW) but can point to objects using other protocols (e.g., File Transfer Protocol (FTP), Telnet, and 3270 terminals). Figure 13-1 shows an example of a common URL with its components identified.

A snapshot of U R L indicating the U R L protocol monitor, D N S domain, endpoint host name, and resource path. — **FIGURE 13-1** An example of a URL and its components.

Protocol Moniker

The beginning of URLs may include a moniker representing the protocol used to retrieve the object pointed to by the URL. Most people are used to ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Cybersecurity – Attack and Defense Strategies - Third Edition

Publisher Resources

ISBN: 9781394249206Purchase Link

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills

Fighting Phishing

by Roger A. Grimes

CHAPTER 13Recognizing Rogue URLs