Unmasking the Social Engineer: The Human Element of Security 1st Edition, Kindle Edition
|Length: 260 pages||Enhanced Typesetting: Enabled||Page Flip: Enabled|
From the Publisher
CHRISTOPHER HADNAGY is the author of the best-selling book Social Engineering: The Art of Human Hacking and a professional social engineer who works with Fortune 500 companies.
DR. PAUL EKMAN, PH.D., is the world's foremost expert on facial expressions and professor emeritus of psychology at the University of California San Francisco School of Medicine. Dr. Ekman's pioneering work in the field of nonverbal communication and visual lie detection was the inspiration behind the hit TV series Lie to Me, for which he acted as a scientific consultant. Dr. Ekman has also served as an advisor to police departments and anti-terrorism groups within the United States government, and is the author of 13 books, including Telling Lies and Emotions Revealed. (This text refers to the paperback edition.)
From the Inside Flap
Combining the science of nonverbal communications with the art of social engineering
Social engineers are experts at getting people to do what they want. The step-by-step instructions in this book will put you in a place to get what you want by understanding what people aren’t telling you. Christopher Hadnagy, Dr. Paul Ekman, and Paul Kelly have joined forces to explain how social engineering works and how you can prevent it. Security is more than just defending against people with malicious intent. It’s about using your knowledge of social engineering and “human hacking” to stay in control of every situation.
Learn to instantly identify nonverbal communication
- Read people’s body language and facial expressions
- Learn how malicious hackers gain your trust
- Think like a “human hacker”
- Understand the security vulnerabilities beyond your IT infrastructure
- Review real-world case studies with detailed photos of typical non-verbal behaviors of the social engineer
- Develop the knowledge and skills to neutralize the growing threat from malicious social engineers
- ASIN : B00I41PX5E
- Publisher : Wiley; 1st edition (27 January 2014)
- Language : English
- File size : 16396 KB
- Text-to-Speech : Enabled
- Screen Reader : Supported
- Enhanced typesetting : Enabled
- X-Ray : Not Enabled
- Word Wise : Not Enabled
- Print length : 260 pages
- Best Sellers Rank: 901,561 in Kindle Store
Top reviews from other countries
I was looking forward to seeing this come out and had my pre-order in for months before it came out (some life events meant I'm late posting this) and as soon as it came in I put my (then) current book down half read and started on this.
It's clear that the book is intended, not as an alternative to the first book but as, more of an introduction to the science behind the techniques of social engineering discussed in the first book; as well as supplemental material such as micro-expressions. As such, it does a good job explaining that Social Engineering is based on sound psychological principles and not just on simplistic cons or Jedi mind tricks. The writing style is engaging and discusses the subject along with relevant anecdotes from the authors' experience. Given that, and the relatively short length of the book, you can easily zip through it in one or two sittings.
Reading some of the reviews of the first book it's clear that, as well as a lot of very positive feedback on the value of it, it attracted a number of negative reviews mainly from people who just thought "conning people is bad" (ignoring the context). In tandem with a pervasive view in Infosec that social engineering is somehow an inferior form of hacking, it could be viewed that this book is a direct response to that criticism. This is where I think some people might not see the full value. You can't learn everything there is to learn about such a complex subject as micro-expressions for example in a book this size. What you can do is learn that the subject exists, why it's of value to a social engineer, and where you can go to learn more. It's essentially a gateway to other works on the subjects herein from Dr Ekman, Cialdini, Navarro, Dreeke, etc. If you want to learn "how" read the first book and all the other works referenced. This book is more around a view on "why". Why the techniques work, and why a social engineer might use them in the context of an exercise.
Having already read a number of books around this subject I perhaps didn't learn a huge amount of new material, but I enjoyed reading the book nonetheless and I can see the value in reading it; even more so if you are just starting out in the field.
The link with Social Engineering (SE) was a huge stretch with very little useful, applicable or meaningful SE elements. Essentially this book was a rehash of existing body language material, most noticeably Joe Navarro's stuff.
If you're interested in SE then get another book. If you're interested in body language or the work of Dr Ekman........then get another book.
Of course this also applies to people who try to influence someone into giving up private information. But I don't see why anyone would associate the term social engineering with these techniques; it's like giving a blank check to the world's hackers and telling them which techniques to use to influence people.
I appreciated the tips for detecting facial micro- and macro-expressions and for deciphering the meaning of body positions. I will happily use them with my husband!!!
The book is essentially a guide to non-verbal communication, elicitation, building rapport etc. with a view to social engineering, i.e. information gathering, pretexting, rapport, influence/manipulation, framing etc. It is very good in description of the processes commonly involved and the prescriptive side of the story is one of raising awareness about these processes for the purposes of improved security, it doesn't matter how many data protection and other measures there exist for someone personally and professionally if the human element isn't right it's easy to "accidentally" reveal all that someone with malintent will need to transcend them all.
The question remains as to whether or not this book is illuminating enough to justify its expense, surely everyone possesses some level of awareness or insight into others to recognise when someone's behaviour appears manipulative, when they ask more questions than they ever provide disclosures, when their disclosures have a phony quality and simply mirror the context or the other with whom they are interacting and a myriad of minor slips add up to something more like an indication of bad character.
There probably are varying degrees of wariness and perhaps some readers will be approaching books like this "after the horse has bolted", i.e. when their existing level of wariness has proven inadequate and they are questioning why, or perhaps it's nothing which has happened to them personally but they have reflected upon headlines in the news about how routinely business and other services have been infiltrated by individuals who are willing to abuse positions of trust.
There is definitely content here which will refine any existing insight a reader possesses and it is not commonsensical material sold as something special. The book did make me think of a collection of slides or material built up over time through presentations, training resources and public speaking, both a strength and a weakness in some ways, so while as a reader you may at times feel this would all suit another method of delivery better, i.e. a talk, it also permits a lot of concision and if you want further information it's possible to look elsewhere for more detail.
One thing I would note is a point about style, the author writes in a style which is familiar to me from certain US business and management writers which can occasionally emulate something of a "bad novel" in style, like someone is writing for a presentation and it would suit that well but not so much a book. This is of course my opinion and maybe not shared by many, it is a minor quibble about what is overall a fine book. I would recommend this to as wide a readership as possible, the general reader as well as the professional, I believe it is intended for such a readership and could provide some assurities against being scammed or targeted by the skilled manipulator.