Vous voulez voir cette page en français ? Cliquez ici.

Sign in to turn on 1-Click ordering.
More Buying Choices
Have one to sell? Sell yours here
Tell the Publisher!
I'd like to read this book on Kindle

Don't have a Kindle? Get your Kindle here, or download a FREE Kindle Reading App.

Phishing: Cutting the Identity Theft Line [Paperback]

Rachael Lininger , Russell Dean Vines

List Price: CDN$ 32.99
Price: CDN$ 20.78 & FREE Shipping on orders over CDN$ 25. Details
You Save: CDN$ 12.21 (37%)
o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o
Usually ships within 1 to 4 weeks.
Ships from and sold by Amazon.ca. Gift-wrap available.
Join Amazon Student in Canada

Book Description

May 6 2005
"Phishing" is the hot new identity theft scam. An unsuspecting victim receives an e-mail that seems to come from a bank or other financial institution, and it contains a link to a Web site where s/he is asked to provide account details. The site looks legitimate, and 3 to 5 percent of people who receive the e-mail go on to surrender their information-to crooks. One e-mail monitoring organization reported 2.3 billion phishing messages in February 2004 alone.

If that weren't enough, the crooks have expanded their operations to include malicious code that steals identity information without the computer user's knowledge. Thousands of computers are compromised each day, and phishing code is increasingly becoming part of the standard exploits.
Written by a phishing security expert at a top financial institution, this unique book helps IT professionals respond to phishing incidents. After describing in detail what goes into phishing expeditions, the author provides step-by-step directions for discouraging attacks and responding to those that have already happened.

In Phishing, Rachael Lininger:

  • Offers case studies that reveal the technical ins and outs of impressive phishing attacks.
  • Presents a step-by-step model for phishing prevention.
  • Explains how intrusion detection systems can help prevent phishers from attaining their goal-identity theft.
  • Delivers in-depth incident response techniques that can quickly shutdown phishing sites.

Product Details

Product Description


“…written by a phishing security expert at a top financial institution, this unique book helps IT professionals respond to phishing incidents…” (Computing, 28 July 2005)

From the Back Cover

Have you been caught yet?

They don't just want to know who you are, they want to BE who you are. By duplicating a legitimate website, phishers can convince you that email asking for your personal information came from your bank, an online retailer, even your ISP. Their high-tech identity theft costs American consumers and businesses billions, and if you access the Internet, you're a target. Whether you manage corporate security or just shop online, this book is loaded with weapons you can't afford to be without.

  • Be able to identify and avoid phishing emails and websites
  • Recognize spyware, understand how it benefits phishers, and learn how to get rid of it
  • Take appropriate steps to safeguard your organization against attack
  • Learn how to protect yourself online
  • Find out how to report phishing incidents, and why you should
  • Understand the scope of phishing and how it threatens our online infrastructure
  • Explore additional resources that will keep you up to date
  • Discover how to get off the hook if you've already swallowed the bait

Inside This Book (Learn More)
First Sentence
Phishing is automated identity theft. Read the first page
Explore More
Browse Sample Pages
Front Cover | Copyright | Table of Contents | Excerpt | Index
Search inside this book:

Sell a Digital Version of This Book in the Kindle Store

If you are a publisher or author and hold the digital rights to a book, you can sell a digital version of it in our Kindle Store. Learn more

Customer Reviews

There are no customer reviews yet on Amazon.ca
5 star
4 star
3 star
2 star
1 star
Most Helpful Customer Reviews on Amazon.com (beta)
Amazon.com: 4.3 out of 5 stars  11 reviews
9 of 11 people found the following review helpful
5.0 out of 5 stars Very practical material that's extremely relevant... May 14 2005
By Thomas Duff - Published on Amazon.com
Phishing is the scourge of the internet right now. Rachael Lininger and Russell Dean Vines have done a pretty good job in helping individuals and companies understand the problem with their book Phishing - Cutting The Identity Theft Line (Wiley).

Chapter List: Phishing for Phun and Profit; Bait and Switch: Phishing Emails; False Fronts: Phishing Websites; Are You Owned: Understanding Phishing Spyware; Gloom and Doom: You Can't Stop Phishing Completely; Helping Your Organization Avoid Phishing; Fighting Back: How Your Organization Can Respond To Attack; Avoiding the Hook: Consumer Education; Help! I'm a Phish! Consumer Response; Glossary of Phishing-Related Terms; Useful Websites; Identity Theft Affidavit; Index

It used to be I'd see one or two "requests" a week to update my personal information for places like eBay or Citibank. Now it's closer to two or three a day. I'm well aware that these phishing attempts are scams meant to commit identity theft, but apparently we internet-savvy people are in the minority. Lininger and Vines have written a very readable and understandable guide to phishing that can easily be given to nearly anyone to help them protect themselves. The uninitiated will quickly grasp the idea that they shouldn't be responding to emails like these, and as a result they'll be much safer. People who are internet-savvy will learn the tricks that are used by the phishers to make links appear to be something other than what they truly are. Even organizations can benefit from the chapters on what they should do if they find that their servers have been co-opted to run a phishing scam.

Very practical material with the benefit of being a book that's fun to read. This is information that needs to be in the hands of all internet users these days...
5 of 6 people found the following review helpful
4.0 out of 5 stars Excellent Cover-the-Basics on Phishing Scams May 13 2005
By Marnie_ATL - Published on Amazon.com
I was browsing through computer security oriented books recently (May 2005) at a large national book chain. I went through the indexes in the back of the books to see how often or not the category "Phishing" was referenced. It was very few.

I then stumbled across this book. It is very informative to those who are only vaguely familiar with this big scam. The authors even provide sample text and code that phishers have regularly used. As noted in the book, in the earlier days, the phishers often used poorly constructed English in their spam, but the scam has grown in its own sophistication. The authors provide also very clear terminology in regards to this scam, such as the difference between the terms: phish, vs. phishing vs. phishing sites vs. phishing email. They also provide help to those who have fallen for the phishing scams. The authors give the reader step by step instructions on how to go to the police to file a report and to report the issue to the ISP.

The authors are very correct, this problem of phishing is only going to grow larger as a problem online despite making more people aware of it and the unknown backend battle against it by the ISPs. Luckily magazines like Readers' Digest and Newsweek have had occasional articles on phishing. I can only hope spreading more of such awareness minimizes more attacks against unsuspecting users online who are defrauded.

I work in a field where I attempt to minimize phishing scams. I found that such attacks have seemed to increase over the past year. A good starter site for such information is: <a href="[...]">antiphishing.org</a> the Anti-Phishing Working Group's website. The phishers typically attack by compromising webservers with outdated OSes and/ or setting up fraudulent hosting accounts with stolen credit cards.

In my own forensic research from time to time with phishing scams on infected webservers, that often the culprits setting up the phishing sites are originating from IPs in foreign countries, notably North Africa and Eastern Europe. The only draw back to this book I can think of is I wish the book had more information pulled from ISPs themselves who fight this serious scam.
1 of 1 people found the following review helpful
3.0 out of 5 stars Flakey writing style, but with a lot of information March 26 2006
By thecrwth - Published on Amazon.com
The authors claim this book is for a wide range of people from network administrators type people to any one who wants to learn about phishing. Though there is a lot of information in this book, most of it will be common knowledge to people who are employed to keeps networks secure. This books would be great for some one who has been scammed, if you can overlook the flakey writing. For instance, instead of Congressmen they refer to them as "Congresscritters". It was annoying and difficult to keep much of the authors' information seriously. If you can ignore this, you will learn a lot about phishing scams, what to avoid, and how to recover from one.
4.0 out of 5 stars Helpful info for infosec professionals March 2 2007
By Dr. G. Hinson - Published on Amazon.com
Phishing is simply about someone sending out emails inviting you to `update your details', right? Well, yes ... and no. This book ably demonstrates that there is rather more to it than that. Authors Rachael Lininger and Russell Dean Vines explain the basics and then go on to lift the covers on a seedy underworld where criminal hackers combine social engineering and fraud techniques with spyware, rootkits and other tricks to exploit vulnerabilities in email readers and Internet browsers.

Phishing is essentially a detailed security awareness text focusing on phishing and identity theft. Its main aim is to enable the reader to identify and avoid phishing emails and websites, with secondary objectives being to raise awareness of spyware and other forms of malware, and to advise those who have already swallowed the phisher's bait.

The two chapters giving advice for financial services and similar companies whose customers are being phished are fairly weak, but to be fair there is not a huge amount they can do. Two chapters of advice for ordinary computer users go well beyond the usual `watch out for phishing emails', covering aspects such as antivirus and patching.

The following audiences are identified:

- Incident response teams at financial institutions

- Information security professionals and management

- Executive management of any company whose brand might be spoofed

- Everyone who uses the Internet

Phishing is quite a long and specific book that seems unlikely to be read by many non-technical readers, despite its laudable aims. The professional readership will benefit from this book.

Rachael Lininger is billed as a `technical writer in the information security department of a major US financial institution'. It is clear from her writing that she has written up a lot of phishing attacks before.

Russel Dean Vines is a well-qualified information security consultant and cyber-counterterrorism specialist as well as an accomplished jazz musician.

Although the topics are quite technical in places, the book treads a fine line between oversimplifying things and delving too deeply. Rachael's sections include some very welcome tongue-in-cheek asides and even the odd Monty Python reference to brighten up an otherwise rather dry topic. There are plenty of examples of phishing emails, analyzed down to the level of the HTML code, and URLs for more information.

Although things are moving rapidly in this field, Phishing remains relevant and useful two years or more after it was written. The authors' experience evidently qualified them to take a forward-looking perspective. This should definitely be on the bookshelf of the information security department at any eBusiness.
2 of 3 people found the following review helpful
5.0 out of 5 stars Readable, relevant and practical Sept. 1 2005
By Michael S. Trovato - Published on Amazon.com
"Phishing - Cutting the Identity Theft Line", is very readable, relevant, and informative. As a leading risk professional in banking and finance where losses due to these scams have recently to move into the millions at many institutions, the book is timely and is a must read for business leaders and consumers. It lucidly explains key phishing concepts and techniques and what can be done to mitigate the risks.

Look for similar items by category