Agari, a leading cybersecurity company, today announced the release of a new book by Agari Chief Scientist Markus Jakobsson and other cybersecurity thought leaders, Understanding Social Engineering Based Scams. The book describes the increased use of social engineering for email scams, and offers tools and techniques to identify these trends, as well as countermeasures to prevent these attacks. Examples of social engineering attacks, which are typically launched via email, include phishing, spear phishing and Business Email Compromise (BEC).
Social engineering-based email attacks, which rely on human interaction and fraudulent behavior to trick people into handing over sensitive information or money, are the fastest growing security threat for enterprises today. While traditional attacks leverage technology-based system vulnerabilities, such as software bugs and misconfigurations, social engineering attacks take advantage of human vulnerabilities by using deception to trick victims into performing harmful actions.
Understanding Social Engineering Based Scams provides a good starting point for practitioners, decision makers and researchers in the security space, offering guidance on ways to address the growing problem of social engineering-based cyberattacks, with a focus on understanding the metrics of email-based scams. Chapter topics include Scams and Targeting, Identifying Trends, Why People Fall for Scams, and Filtering Technology, as well as real-life case studies.
“Understanding Social Engineering Based Scams is a broad work that touches on a foundational set of issues, with solid analytical underpinnings,” said Michael Barrett, CEO of Stealth Security and former CISO of PayPal. “It’s an extremely compelling read and I highly recommend it.”
Jakobsson, editor of Understanding Social Engineering Based Scams, is an established researcher and entrepreneur with deep roots in the cybersecurity community. In his career, he held key positions as Principal Scientist at PayPal, Xerox PARC and RSA Security, and co-founded three digital security startups spanning email fraud prevention, user authentication, mobile malware detection and secure user messaging. Other contributors to the book include highly-recognized security researchers and academics from Cornell University and New York University.
“We wrote Understanding Social Engineering Based Scams to help raise awareness of social engineering, which provides the ‘deceit’ component that has powered some of the world’s most visible and successful cyberattacks, including the Ukrainian power grid and Ubiquity attacks in 2015, and the Bangladesh Bank and John Podesta / DNC attacks earlier this year,” said Jakobsson. “Social engineering is a real problem for individuals, enterprises and governments. With this book, we hope to lay the foundation for deeper understanding of the problem as without this understanding, we won’t be able to stop these scams and prevent the subsequent damages.”
Hardcover and kindle versions of Understanding Social Engineering Based Scams are available on Amazon. To win a free copy of the book, visit the Agari Social Engineering website.