The Art of Deception
Author:
Pub Year:
Source:
Read: 2018-06-19
Last Update: 2018-06-19

Five Sentence Abstract:

Most of the stories, which make up almost the entire book, come from the 1990s and maybe even the '80s, so this book is dated, to say the least. Given the age, the stories seem believable; they come from an era when security and connectivity were only starting to really flourish. The technology is extremely dated: cell phones are barely mentioned and smartphones had not even been invented. Still, the end-of-story analysis and prescribed security policies are interesting. More of a walk down memory lane than anything technically useful.

Thoughts:

The stories got stale quickly. They are barely different. Social engineer makes a few phone calls, marks give up requested info, stick a fork in it.

The material is so very outdated. PBX telephones, and fax machines, and dial-up modems, oh my!

The only 'useful' material is the reasonable policies to stop social engineers.

Actually, the basic social engineering tactics could be useful if you had no idea how to manipulate someone. Probably better off reading How to Win Friends and Influence People in that case though.

Overall: yawn.

Exceptional Excerpts:

Notes:

Table of Contents

01: Security's Weakest Link
02: When Innocuous Information Isn’t
03: The Direct Attack: Just Asking for It
04: Building Trust
05: “Let Me Help You”
06: “Can You Help Me?”
07: Phony Sites and Dangerous Attachments
08: Using Sympathy, Guilt, and Intimidation
09: The Reverse Sting
10: Entering the Premises
11: Combining Technology and Social Engineering
12: Attacks on the Entry-Level Employee
13: Clever Cons
14: Industrial Espionage
15: Information Security Awareness and Training
16: Recommended Corporate Information Security Policies

01: Security's Weakest Link

page 22:
page 26:
page 28:

02: When Innocuous Information Isn’t

03: The Direct Attack: Just Asking for It

04: Building Trust

page 60:

05: “Let Me Help You”

06: “Can You Help Me?”

07: Phony Sites and Dangerous Attachments

08: Using Sympathy, Guilt, and Intimidation

09: The Reverse Sting

10: Entering the Premises

page 185:

11: Combining Technology and Social Engineering

12: Attacks on the Entry-Level Employee

page 226:

13: Clever Cons

14: Industrial Espionage

15: Information Security Awareness and Training

16: Recommended Corporate Information Security Policies

page 338:









