Similar authors to follow
See more recommendations
About Christopher Hadnagy
For more information see http://www.social-engineer.com
Chris is a student of Paul Ekman's training classes on Microexpressions and has spent time learning and educating others on the values of nonverbal communications. He has combined what he learned with years of experience in a new research that focuses on using nonverbal body language and facial expressions to influence other peoples emotions. He completed writing his second book, co-authored with Dr. Paul Ekman on this very topic.
He has launched a line of professional social engineering training and pen testing services at Social-Engineer.Com. His goal is to help companies remain secure by educating them on the methods the "bad guys" use. Analyzing, studying, dissecting then performing the very same attacks used by malicious hackers on some of the most recent attacks (i.e. Sony, HB Gary, LockHeed Martin, etc), Chris is able to help companies stay educated and secure.
Chris runs one of the webs most successful security podcasts, The Social-Engineer.Org Podcast which spends time each month interviewing some of the world's leading psychologists, researchers and experts in their field. By dissecting what they do, we can learn how we can enhance our abilities. That same analysis runs over to the equally popular SEORG Newsletter. Both of these have become a staple in most serious security practices and are used by Fortune 500 companies around the world to educate their staff. Chris can be found online at www.social-engineer.org, www.social-engineer.com and twitter as @humanhacker.
Customers Also Bought Items By
Harden the human firewall against the most current threats
Social Engineering: The Science of Human Hacking reveals the craftier side of the hacker’s repertoire—why hack into something when you could just ask for access? Undetectable by firewalls and antivirus software, social engineering relies on human fault to gain access to sensitive spaces; in this book, renowned expert Christopher Hadnagy explains the most commonly-used techniques that fool even the most robust security personnel, and shows you how these techniques have been used in the past. The way that we make decisions as humans affects everything from our emotions to our security. Hackers, since the beginning of time, have figured out ways to exploit that decision making process and get you to take an action not in your best interest. This new Second Edition has been updated with the most current methods used by sharing stories, examples, and scientific study behind how those decisions are exploited.
Networks and systems can be hacked, but they can also be protected; when the “system” in question is a human being, there is no software to fall back on, no hardware upgrade, no code that can lock information down indefinitely. Human nature and emotion is the secret weapon of the malicious social engineering, and this book shows you how to recognize, predict, and prevent this type of manipulation by taking you inside the social engineer’s bag of tricks.
- Examine the most common social engineering tricks used to gain access
- Discover which popular techniques generally don’t work in the real world
- Examine how our understanding of the science behind emotions and decisions can be used by social engineers
- Learn how social engineering factors into some of the biggest recent headlines
- Learn how to use these skills as a professional social engineer and secure your company
- Adopt effective counter-measures to keep hackers at bay
By working from the social engineer’s playbook, you gain the advantage of foresight that can help you protect yourself and others from even their best efforts. Social Engineering gives you the inside information you need to mount an unshakeable defense.
Learn to identify the social engineer by non-verbal behavior
Unmasking the Social Engineer: The Human Element of Security focuses on combining the science of understanding non-verbal communications with the knowledge of how social engineers, scam artists and con men use these skills to build feelings of trust and rapport in their targets. The author helps readers understand how to identify and detect social engineers and scammers by analyzing their non-verbal behavior. Unmasking the Social Engineer shows how attacks work, explains nonverbal communications, and demonstrates with visuals the connection of non-verbal behavior to social engineering and scamming.
- Clearly combines both the practical and technical aspects of social engineering security
- Reveals the various dirty tricks that scammers use
- Pinpoints what to look for on the nonverbal side to detect the social engineer
Sharing proven scientific methodology for reading, understanding, and deciphering non-verbal communications, Unmasking the Social Engineer arms readers with the knowledge needed to help protect their organizations.
Phishing Dark Waters addresses the growing and continuing scourge of phishing emails, and provides actionable defensive techniques and tools to help you steer clear of malicious emails. Phishing is analyzed from the viewpoint of human decision-making and the impact of deliberate influence and manipulation on the recipient. With expert guidance, this book provides insight into the financial, corporate espionage, nation state, and identity theft goals of the attackers, and teaches you how to spot a spoofed e-mail or cloned website. Included are detailed examples of high profile breaches at Target, RSA, Coca Cola, and the AP, as well as an examination of sample scams including the Nigerian 419, financial themes, and post high-profile event attacks. Learn how to protect yourself and your organization using anti-phishing tools, and how to create your own phish to use as part of a security awareness program.
Phishing is a social engineering technique through email that deceives users into taking an action that is not in their best interest, but usually with the goal of disclosing information or installing malware on the victim's computer. Phishing Dark Waters explains the phishing process and techniques, and the defenses available to keep scammers at bay.
- Learn what a phish is, and the deceptive ways they've been used
- Understand decision-making, and the sneaky ways phishers reel you in
- Recognize different types of phish, and know what to do when you catch one
- Use phishing as part of your security awareness program for heightened protection
Attempts to deal with the growing number of phishing incidents include legislation, user training, public awareness, and technical security, but phishing still exploits the natural way humans respond to certain situations. Phishing Dark Waters is an indispensible guide to recognizing and blocking the phish, keeping you, your organization, and your finances safe.
Social Engineering - Deutsche Ausgabe
Dieses Buch ist nichts für schwache Nerven. Es bringt Sie in jene dunklen Ecken der Gesellschaft, wo die Black Hats (bösartige Hacker) das Sagen haben. Hier werden Bereiche des Social Engineering, in denen sich Spione und Trickbetrüger tummeln, aufgedeckt und eingehend erforscht. Außerdem wird anhand ganz normaler Alltagssituationen gezeigt, inwiefern es sich auch da oft um komplexe Szenarien des Social Engineering handelt. Am Ende deckt das Buch die Tipps und Tricks der Insider, der professionellen Social Engineers und eben auch der kriminellen Profis auf.
Dieses Buch ist mehr als eine Sammlung cooler Stories, toller Hacks oder abgefahrener Ideen. Wissenschaftlich fundiert (dabei höchst unterhaltsam), stellt es das weltweit erste Framework für Social Engineering vor, auf dessen Grundlage der Autor genau analysiert, geradezu seziert, was einen guten Social Engineer ausmacht. Mit praktischen Ratschlägen wird der Leser befähigt, skills zu entwickeln, die es ihm ermöglichen, die nachweislich größte Schwachstelle in IT-Sicherheitssystemen auf die Probe zu stellen: den Menschen.
Aus dem Inhalt:
- Ein Blick in die Welt des Social Engineering
- Was ist Elizitieren?
- Pretexting - In eine andere Haut schlüpfen
- Gedankentricks - Psychologische Prinzipien im Social Engineering
- Beeinflussung - Die Macht der Überredung
- Die Tools des Social Engineer
- Fallstudien: Social Engineering unter der Lupe
- Prävention und Schadensbegrenzung
Über den Autor:
Christopher Hadnagy ist Chefentwickler bei www.social-engineer.org, weltweit die erste Adresse, wenn es um Social Engineering geht. Der Autor kann auf fast fünfzehn Jahre einschlägiger Berufserfahrung zurückblicken, in denen er sich mit den unterschiedlichsten Themen rund um die IT-Sicherheit beschäftigt hat, dabei u.a. für backtrack-linux oder zuletzt im Penetration Testing Team von Offensive Security tätig war.