Catalogue of deceptive works of art

Chapter 1 The weakest link in the safety process 3

1. 1 human factor 3

1.2 A classic cheating case 4

1.2. 1 to get code 4.

1.2.2 This goes to Swiss bank ... 5

1.2.3 You have completed 5

1.3 the essence of the threat 6

More and more concerns

1.3.2 Use of deception 7

1.4 Abuse of others' trust 7

Characteristics of Americans 7

1.4.2 the institution of innocence 8

1.5 terrorists and scams 9

1.6 About this book 9

The second part of the attacker's art

Chapter II When seemingly harmless information brings harm 15

2. 1 Potential value of information 15

2.2 Credit Check Company 16

The work of a private detective

Fraud analysis 20

2.3 Engineer Trap 2 1

2.4 More "useless" information 25

2.5 fraud prevention 26

Chapter 3 Direct Attack: Straight to the Point 29

3. 1 MLAC's uninvited guest 29

Please tell me the telephone number.

3. 1.2 fraud analysis 30

3.2 Young people 30

3.3 doorstep 3 1

3.3. 1 cycle cheating 3 1

Steve's trick 32

3.4 Poison gas attack 33

The Story of Jenny acton 33

3.4.2 Art Silly's investigation project 34

Fraud analysis 35

3.5 fraud prevention 36

Chapter 4 Gaining Trust 37

4. 1 trust: the key to deception 37

The Story of Dolly Launigan

4. 1.2 fraud analysis 40

4.2 Variant of Scheme: Obtaining Credit Card Number 40

4.2. 1 What a surprise, Dad.

4.2.2 Scam Analysis 4 1

4.3 42 mobile phones for a penny

4.4 Invasion of the US Federal Bureau of Investigation 44

4.4. 1 access system 45

4.4.2 Fraud analysis 46

4.5 Prevention of fraud 46

Protect your customers 47

4.5.2 Wise trust

4.5.3 What's on your intranet? 48

Chapter 5 "Let me help you" 49

5. 1 network interruption 49

The story of the attacker 52

5. 1.2 fraud analysis 53

5.2 Help the new girl.

5.3 It's not as safe as you think.

The story of Steve Kramer 57

The story of Craig Coboni 59

5.3.3 Input internal 6 1

Fraud analysis 63

5.4 Prevention of fraud

5.4. 1 education, education and re-education 65

5.4.2 Maintaining the security of sensitive information 66

5.4.3 Consider the source 66

Don't leave anyone out.

Chapter 6 "Can you help me?" Sixty-nine

6. 1 outsiders 69

Watch out for Jones 69

6. 1.2 Business trip 70

6. 1.3 fraud analysis 7 1

6.2 underground bar security 7 1

6.2. 1 I saw 72 in the movie.

6.2.2 Deceiving the telephone company 73

6.3 Temporary Computer Administrator 74

Listen to the radio 74

Eavesdropper Danny 74

6.3.3 Capture the fortress 76

6.3.4 Work after Entry 78

Fraud analysis 80

6.4 fraud prevention 80

Chapter VII Fake Websites and Dangerous Attachments 83

7. 1 Don't you want it for free? 83

7. 1. 1 attached mail 84

7. 1.2 Identifying Malware 85

7.2 Messages from friends 86

7.3 Variant Form 87

Merry Christmas 87

Fraud analysis 88

7.4 variant 89

7.4. 1 wrong link 89

7.4.2 Stay alert 9 1

7.4.3 Understanding the virus

Chapter VIII Using Sympathy, Guilt and Coercion 95

Visit the studio 95

The story of David Harold 96

8. 1.2 fraud analysis 96

8.2 "Act Now" 97

Doug's story 97

8.2.2 Linda's story 97

Fraud analysis 99

8.3 "What does the boss want" 99

Scott's story 100

8.3.2 Scam Analysis 100

8.4 What information does the Social Insurance Administration know about you? 10 1.

The story of Keith Carter

8.4.2 Scam Analysis 104

8.5 Just one phone call 105

Mary H's telephone number is 105.

Peter's story 106

8.5.3 Scam Analysis 108

8.6 police raid 108

8.6. 1 Please show me your search warrant 108.

8.6.2 Deceiving the police 109

8.6.3 Cover up the whereabouts 1 10

8.6.4 Scam Analysis 1 1 1

8.7 Turn to attack 1 12.

8.7. 1 graduation-not very glorious 1 12

8.7.2 Log in and get into trouble 1 12

8.7.3 Helpful Registrar 1 13

8.7.4 Scam Analysis 1 14

8.8 fraud prevention 1 14

8.8. 1 protect data 1 15

8.8.2 About password 1 15

8.8.3 Unified central reporting point 1 16

8.8.4 Protect your network 1 16

8.8.5 Training Points 1 17

Chapter IX Reverse Fraud 1 19

9. 1 the art of persuading others in good faith +0 19

9. 1. 1 Angela's phone number 1 19.

The story of Vince Capeli

9. 1.3 fraud analysis 125

9.2 Let the police be deceived 126

9.2. 1 Eric's scam 126

9.2.2 Switch 127

9.2.3 Call the vehicle management office 128.

9.2.4 Scam Analysis 129

9.3 fraud prevention 130

The third part of the intrusion police report

Chapter 10 Invasion of company territory 135

10. 1 embarrassed security guard 135

10. 1. 1 safety story 135

The story of Joe Harper.

10. 1.3 fraud analysis 139

10.2 garbage rummaging 14 1

10.2. 1 pay for garbage 142

10.2.2 fraud analysis 143

10.3 disgraced boss 143

10.3. 1 bomb 144

10.3.2 Surprise George 145

10.3.3 fraud analysis 145

10.4 people seeking promotion 146

Anthony's story 147

10.4.2 scam analysis 148

10.5 actually peeked at Kevin 150.

10.6 fraud prevention 15 1

10. 6. 1 off-hours protection 15 1

10.6.2 Pay enough attention to garbage 152

10.6.3 Farewell to employees 152

10.6.4 Don't ignore anyone 153

10.6.5 protect it! 154

Chapter 1 1 Combination of Technology and Social Engineering 155

1 1. 1 prison hacker 155

Call11.1(at&; T) 157

1 1. 1.2 looking for Gandalf 158.

1 1. 1.3 alignment time 159

1 1. 1.4 fraud analysis 160

1 1.2 fast download 160

1 1.3 Make money easily 16 1

1 1.3. 1 cash on the spot 162

1 1.3.2 Accept the challenge 163

1 1.4 Using dictionaries as an attack tool 165

1 1.4. 1 password attack 166

1 1.4.2 faster than you think 167

1 1.4.3 scam analysis 169

1 1.5 fraud prevention 170

1 1.5. 1 Just say no to 170.

1 1.5.2 cleaning staff 17 1

1 1.5.3 Remind your partner to protect your password 17 1.

Chapter 12 Attacks on Low-level Employees 173

12. 1 helpful security guard 173

12. 1. 1 From Eliot's point of view, 173

The Story of Bill 174

12. 1.3 fraud analysis 176

12.2 emergency patch 177

12.2. 1 a helpline 177.

12.2.2 fraud analysis 178

12.3 new girl 178

The Story of Kurt Tommy Tam 180

12.3.2 scam analysis 182

12.4 fraud prevention 182

12. 4. 1 receiving people without knowledge 182

12.4.2 Watch out for spyware 184

Chapter 13 Clever deception 187

13. 1 misleading caller id 187

13. 1. 1 Linda's phone number 187.

13. 1.2 the story of jack 188

13.10.3 fraud analysis 189

13.2 variant: the president of the United States calls 189.

13.3 invisible employees 19 1

13.3.2 Shirley's attack 192

13.3.2 fraud analysis 192

13.4 helpful secretary 193

13.5 traffic court 194

13.5. 1 scam 194

13.5.2 fraud analysis 195

13.6 Samantha's revenge 196

13. 6. 1 revenge 197

13.6.2 fraud analysis 198

13.7 fraud prevention 198

Chapter 14 Industrial Spy 20 1

Variants of 14. 1 Conspiracy 20 1

14. 1. 1 class action 20 1

14. 1.2 Peter's attack 202

14. 1.3 fraud analysis 203

14.2 new business partner 203

Jessica's story 204

The story of Sammy Sanford 207

14.2.3 scam analysis 208

14.3 jump back to game 2 10

14. 3. 1 prepare at home 2 1 1

14.3.2 Design Trap 2 12

14.3.3 scam analysis 2 13

14.4 fraud prevention 2 14

Security outside the office 2 15

Who is that man? 2 16

The fourth part is step-by-step content

Chapter 15 Information security awareness and training 2 19

15. 1 realize safety through technology, training and regulations.

15.2 Understanding how attackers exploit human nature 220

15.2. 1 permission 220

15.2.2 Likes 22 1

15.2.3 returns 22 1

Match words with deeds 22 1

As with other 222

Demand exceeds supply 222

15.3 Develop training and safety awareness plan 222

1 target 223

15.3.2 Establish safety training and safety awareness plan 224

15.3.3 training composition 225

Contents of training courses 226

15.4 test 227

15.5 continuous safety awareness 228

15.6 What will I get? 229

Chapter 16 suggests enterprise information security strategy 23 1

What is security policy 232?

16. 1. 1 Steps to make an information security plan 232

How to use these policies 233

16.2 data classification 234

Categories and definitions 16.2. 1 classification 235

16.2.2 Terminology used in classified data 236

16.3 verification and authorization procedures 237

Requests from Trusted Persons 237

Requests of unverified personnel 237

16.4 management policy 24 1

Appendix a safety list 29 1

Appendix b reference 299