Book Offers Tools and Techniques to Prevent Social Engineering-based Email Attacks
SAN MATEO, Calif. Agari, a leading cybersecurity company, today announced the release of a new book by Agari Chief Scientist Markus Jakobsson and other cybersecurity thought leaders, Understanding Social Engineering Based Scams. The book describes the increased use of social engineering for email scams, and offers tools and techniques to identify these trends, as well as countermeasures to prevent these attacks. Examples of social engineering attacks, which are typically launched via email, include phishing, spear phishing and Business Email Compromise (BEC).
Social engineering-based email attacks, which rely on human interaction and fraudulent behavior to trick people into handing over sensitive information or money, are the fastest growing security threat for enterprises today. While traditional attacks leverage technology-based system vulnerabilities, such as software bugs and misconfigurations, social engineering attacks take advantage of human vulnerabilities by using deception to trick victims into performing harmful actions.
Understanding Social Engineering Based Scams provides a good starting point for practitioners, decision makers and researchers in the security space, offering guidance on ways to address the growing problem of social engineering-based cyberattacks, with a focus on understanding the metrics of email-based scams. Chapter topics include Scams and Targeting, Identifying Trends, Why People Fall for Scams, and Filtering Technology, as well as real-life case studies.
“Understanding Social Engineering Based Scams is a broad work that touches on a foundational set of issues, with solid analytical underpinnings,” said Michael Barrett, CEO of Stealth Security and former CISO of PayPal. “It’s an extremely compelling read and I highly recommend it.”
Jakobsson, editor of Understanding Social Engineering Based Scams, is an established researcher and entrepreneur with deep roots in the cybersecurity community. In his career, he held key positions as Principal Scientist at PayPal, Xerox PARC and RSA Security, and co-founded three digital security startups spanning email fraud prevention, user authentication, mobile malware detection and secure user messaging. Other contributors to the book include highly-recognized security researchers and academics from Cornell University and New York University.
“We wrote Understanding Social Engineering Based Scams to help raise awareness of social engineering, which provides the ‘deceit’ component that has powered some of the world’s most visible and successful cyberattacks, including the Ukrainian power grid and Ubiquity attacks in 2015, and the Bangladesh Bank and John Podesta / DNC attacks earlier this year,” said Jakobsson. “Social engineering is a real problem for individuals, enterprises and governments. With this book, we hope to lay the foundation for deeper understanding of the problem as without this understanding, we won’t be able to stop these scams and prevent the subsequent damages.”
Social Engineering Resources:
- Visit our Social Engineering Resource Center
- Check out our upcoming social engineering webinar: Email Identity Deception, Defined and Quantified
- Download our latestEmail Security: Social Engineering Report
Agari, a leading cybersecurity company, is trusted by leading Fortune 1000 companies to protect their enterprise, partners and customers from advanced email phishing attacks. The Agari Email Trust Platform is the industry’s only solution that ‘understands’ the true sender of emails, leveraging the company’s proprietary, global email telemetry network and patent-pending, predictive Agari Trust Analytics to identify and stop phishing attacks. The platform powers Agari Enterprise Protect, which help organizations protect themselves from advanced spear phishing attacks, and Agari Customer Protect, which protects consumers from email attacks that spoof enterprise brands. Agari, a recipient of the JPMorgan Chase Hall of Innovation Award and recognized as a Gartner Cool Vendor in Security, is backed by Alloy Ventures, Battery Ventures, First Round Capital, Greylock Partners, Norwest Venture Partners and Scale Venture Partners. Learn more at http://www.agari.com and follow us on Twitter @AgariInc.