Feineigle.com - The Art of Deception


Published: June 19, 2018
Tags:  Hacking



The book in...
One sentence:
Story after (mostly boring) story recounting 90s era social engineering.

Five sentences:
With most of the stories, which make up almost the entire book, coming from the 1990s, and maybe even the '80s, this book is dated, to say the least. Given the age, the stories seem believable, coming from an era where security and connectivity were only starting to really flourish. The technology is extremely dated: cell phones are barely mentioned and smartphones had not even been invented. Still, the end-of-story analysis and prescribed security policies are interesting. More of a walk down memory lane than anything technically useful.

designates my notes. / designates important.


Thoughts

The stories got stale quickly. They are barely different. Social engineer makes a few phone calls, marks give up requested info, stick a fork in it.

The material is so very outdated. PBX telephones, and fax machines, and dial-up modems, oh my!

The only ‘useful’ material is the reasonable policies to stop social engineers.

Actually, the basic social engineering tactics could be useful if you had no idea how to manipulate someone. Probably better off reading How to Win Friends and Influence People in that case though.

Overall: yawn.


Table of Contents


· 01: Security’s Weakest Link

page 22:
page 26:
page 28:

· 02: When Innocuous Information Isn’t

· 03: The Direct Attack: Just Asking for It

· 04: Building Trust

page 60:

· 05: “Let Me Help You”

· 06: “Can You Help Me?”

· 07: Phony Sites and Dangerous Attachments

· 08: Using Sympathy, Guilt, and Intimidation

· 09: The Reverse Sting

· 10: Entering the Premises

page 185:

· 11: Combining Technology and Social Engineering

· 12: Attacks on the Entry-Level Employee

page 226:

· 13: Clever Cons

· 14: Industrial Espionage

· 15: Information Security Awareness and Training

page 338: