Title: The Art of Deception
Author: Kevin D. Mitnick, William L. Simon, Foreword by Steve Wozniak
From the Book Description:
This book contains a wealth of information about information security and social engineering. To help you find your way, here’s a quick look at how this book is
In Part 1 I’ll reveal security’s weakest link and show you why you and your company are at risk from social engineering attacks.
In Part 2 you’ll see how social engineers toy with your trust, your desire to be helpful, your sympathy, and your human gullibility to get what they want. Fictional stories of typical attacks will demonstrate that social engineers can wear many hats and many faces.
If you think you’ve never encountered one, you’re probably wrong. Will you recognize a scenario you’ve experienced in these stories and wonder if you had a brush with social engineering? You very well might. But once you’ve read Chapters 2 through 9, you’ll know how to get the upper hand when the next social engineer comes calling.
Part 3 is the part of the book where you see how the social engineer ups the ante, in made-up stories that show how he can step onto your corporate premises, steal the kind of secret that can make or break your company, and thwart your hi-tech security measures.
The scenarios in this section will make you aware of threats that range from simple employee revenge to cyber terrorism. If you value the information that keeps your business running and the privacy of your data, you’ll want to read Chapters 10 through 14 from beginning to end.
It’s important to note that unless otherwise stated, the anecdotes in this book are purely fictional.
In Part 4, I talk the corporate talk about how to prevent successful social engineering attacks on your organization. Chapter 15 provides a blueprint for a successful security-training program. And Chapter 16 might just save your neck – it’s a complete security policy you can customize for your organization and implement right away to keep your company and information safe.
Finally, I’ve provided a Security at a Glance section, which includes checklists, tables, and charts that summarize key information you can use to help your employees foil a social engineering attack on the job. These tools also provide valuable information you can use in devising your own security-training program.
Throughout the book you’ll also find several useful elements: Lingo boxes provide definitions of social engineering and computer hacker terminology; Mitnick Messages offer brief words of wisdom to help strengthen your security strategy; and notes and sidebars give interesting background or additional information.