Imperial Library
Index
Title Page
Copyright Page
Dedication
Social Engineering
Foreword
preface
Introduction
part 1 - behind the scenes
chapter 1 - Security’s Weakest Link
THE HUMAN FACTOR
A CLASSIC CASE OF DECEPTION
THE NATURE OF THE THREAT
ABUSE OF TRUST
TERRORISTS AND DECEPTION
ABOUT THIS BOOK
part 2 - the art of the attacker
chapter 2 - When Innocuous Information Isn’t
THE HIDDEN VALUE OF INFORMATION
CREDITCHEX
THE ENGINEER TRAP
MORE “WORTHLESS” INFO
PREVENTING THE CON
chapter 3 - The Direct Attack: Just Asking for It
AN MLAC QUICKIE
YOUNG MAN ON THE RUN
ON THE DOORSTEP
GAS ATTACK
PREVENTING THE CON
chapter 4 - Building Trust
TRUST: THE KEY TO DECEPTION
VARIATION ON A THEME: CARD CAPTURE
THE ONE-CENT CELL PHONE
HACKING INTO THE FEDS
PREVENTING THE CON
chapter 5 - “Let Me Help You”
THE NETWORK OUTAGE
A LITTLE HELP FOR THE NEW GAL
NOT AS SAFE AS YOU THINK
PREVENTING THE CON
chapter 6 - “Can You Help Me?”
THE OUT-OF-TOWNER
SPEAKEASY SECURITY
THE CARELESS COMPUTER MANAGER
PREVENTING THE CON
chapter 7 - Phony Sites and Dangerous Attachments
“WOULDN’T YOU LIKE A FREE (BLANK)?”
MESSAGE FROM A FRIEND
VARIATIONS ON A THEME
VARIATIONS ON THE VARIATION
chapter 8 - Using Sympathy, Guilt, and Intimidation
A VISIT TO THE STUDIO
“DO IT NOW”
“MR. BIGG WANTS THIS”
WHAT THE SOCIAL SECURITY ADMINISTRATION KNOWS ABOUT YOU
ONE SIMPLE CALL
THE POLICE RAID
TURNING THE TABLES
PREVENTING THE CON
chapter 9 - The Reverse Sting
THE ART OF FRIENDLY PERSUASION
COPS AS DUPES
PREVENTING THE CON
part 3 - intruder alert
chapter 10 - Entering the Premises
THE EMBARRASSED SECURITY GUARD
DUMPSTER DIVING
THE HUMILIATED BOSS
THE PROMOTION SEEKER
Analyzing the Con
SNOOPING ON KEVIN
PREVENTING THE CON
chapter 11 - Combining Technology and Social Engineering
HACKING BEHIND BARS
THE SPEEDY DOWNLOAD
EASY MONEY
THE DICTIONARY AS AN ATTACK TOOL
PREVENTING THE CON
chapter 12 - Attacks on the Entry-Level Employee
THE HELPFUL SECURITY GUARD
THE EMERGENCY PATCH
THE NEW GIRL
PREVENTING THE CON
chapter 13 - Clever Cons
THE MISLEADING CALLER ID
VARIATION: THE PRESIDENT OF THE UNITED STATES IS CALLING
THE INVISIBLE EMPLOYEE
THE HELPFUL SECRETARY
TRAFFIC COURT
SAMANTHA’S REVENGE
PREVENTING THE CON
chapter 14 - Industrial Espionage
VARIATION ON A SCHEME
THE NEW BUSINESS PARTNER
LEAPFROG
PREVENTING THE CON
part 4 - raising the bar
chapter 15 - Information Security Awareness and Training
SECURITY THROUGH TECHNOLOGY, TRAINING, AND PROCEDURES
UNDERSTANDING HOW ATTACKERS TAKE ADVANTAGE OF HUMAN NATURE
CREATING TRAINING AND AWARENESS PROGRAMS
TESTING
ONGOING AWARENESS
WHAT’S IN IT FOR ME?
chapter 16 - Recommended Corporate Information Security Policies
WHAT IS A SECURITY POLICY?
DATA CLASSIFICATION
VERIFICATION AND AUTHORIZATION PROCEDURES
MANAGEMENT POLICIES
INFORMATION TECHNOLOGY POLICIES
POLICIES FOR ALL EMPLOYEES
POLICIES FOR TELECOMMUTERS
POLICIES FOR HUMAN RESOURCES
POLICIES FOR PHYSICAL SECURITY
POLICIES FOR RECEPTIONISTS
POLICIES FOR THE INCIDENT REPORTING GROUP
Security at a Glance
sources
Acknowledgements
index