Currently unavailable.
We don't know when or if this item will be back in stock.
Select delivery location
Kindle app logo image

Download the free Kindle app and start reading Kindle books instantly on your smartphone, tablet, or computer - no Kindle device required.

Read instantly on your browser with Kindle for Web.

Using your mobile phone camera - scan the code below and download the Kindle app.

QR code to download the Kindle App

Follow the authors

William L. Simon
Follow
Kevin D. Mitnick
Follow
Something went wrong. Please try your request again later.

The Art of Deception: Controlling the Human Element of Security Audio CD – Unabridged, March 1, 2021

by Kevin Mitnick (Author), William L. Simon (Author)
4.6 4.6 out of 5 stars 1,013 ratings
See all formats and editions

MP3 CD Format

In his worldwide bestseller Secrets and Lies, Bruce Schneier made the case that achieving successful computer security is about more than just hardware and software, it's people. Truly, the greatest vulnerability in protecting the business assets of any company often lies with the company's own employees. Although corporations go to great lengths to install state of the art systems, they continue to ignore the human element of information security. If a hacker calls up some VP's assistant and makes false claims in order to get said VP's network password and is given it, it doesn't matter if you have the ultimate firewall and the most powerful server on the market. Without proper training and security procedures, employees are highly susceptible to what are called "social engineering" attacks that lead them to unwittingly open doors within the organization, both in the literal sense and the information technology sense. You can say what you want about Kevin Mitnick, but know this. There is no one on the planet who has more experience with "social engineering" techniques, and no one who is better able to advise on how these kind of attacks are carried out and can be prevented.
Previous page
  1. Print length
    1 pages
  2. Language
    English
  3. Publisher
    Tantor and Blackstone Publishing
  4. Publication date
    March 1, 2021
  5. Dimensions
    5.3 x 7.5 inches
  6. ISBN-10
    1665197056
  7. ISBN-13
    978-1665197052
  8. See all details
Next page
The Amazon Book Review
The Amazon Book Review
Book recommendations, author interviews, editors' picks, and more. Read it now.

Product details

  • Publisher ‏ : ‎ Tantor and Blackstone Publishing; Unabridged edition (March 1, 2021)
  • Language ‏ : ‎ English
  • Audio CD ‏ : ‎ 1 pages
  • ISBN-10 ‏ : ‎ 1665197056
  • ISBN-13 ‏ : ‎ 978-1665197052
  • Item Weight ‏ : ‎ 3.21 ounces
  • Dimensions ‏ : ‎ 5.3 x 7.5 inches
  • Customer Reviews:
    4.6 4.6 out of 5 stars 1,013 ratings

About the authors

Follow authors to get new release updates, plus improved recommendations.
Previous page
  1. William L. Simon

    William L. Simon

    Brief content visible, double tap to read full content.
    Full content visible, double tap to read brief content.

    William L. Simon is the author or co-author of more than 30 books, including numerous New York Times, national, and international bestsellers. Born in Washington, DC, he holds two degrees from Cornell University, and has been a freelance writer ever since -- first as a writer of documentaries, corporate, and informational films, then as a book author. He is a member of the Writers Guild of America, West, and now lives in Los Angeles.

    See more on the author's page
  2. Kevin D. Mitnick

    Kevin D. Mitnick

    Brief content visible, double tap to read full content.
    Full content visible, double tap to read brief content.

    Hello

    See more on the author's page
Next page

Customer reviews

4.6 out of 5 stars
4.6 out of 5
1,013 global ratings
Damage in in books
1 Star
Damage in in books
BOOKS have damage! but in the headline its written NEW.
Hide
Thank you for your feedback
Sorry, there was an error
Sorry we couldn't load the review

Top reviews from the United States

TheWildBoy
5.0 out of 5 stars Fascinating book
Reviewed in the United States on August 2, 2021
Verified Purchase
I bought this book in 2008, and read it after I got it. I was in love with cyber-security and social engineering was the theme those days. I never reviewed the book back then but I reread this book again yesterday and it hit me that Kevin's ideas are some of the most profound ideas when it comes to human behavior.

Our tendency to be helpful.
Our tendency to let someone new come into our lives
Etc,..

I will be honest, after spending 13 years in financial and marketing industry and reading 1000s of books and having 1000s of experiences I promise if someone wants to set me up they probably can.

It's really hard to get away from a good setup.

One thing that helped me all these years is that at the end of the day I ask myself two questions. This is a routine I do every day and been doing it for almost 10 years now.

1. Did I try to help a stranger or someone I know today? If yes, then what was the context.
2. Did someone came in my life trying to do good things for me out of blue? (This can be a friend that randomly texts you on FB or emails you after ages.)
18 people found this helpful
Helpful
 Report
E
5.0 out of 5 stars Speaks volumes on social engineering/makes you think!
Reviewed in the United States on November 17, 2002
Verified Purchase
After reading it, the book makes one more aware of what to be careful when giving out information of any kind and how to protect yourself and your company's assets. I've heard alot of "Don't ever give out your id/password", "Always have firewalls on your network." One hardly ever hears about 'make sure you're giving information to someone who's supposed to have it'. There's tons of books on security with respect to technology but this is the first one I've seen that actually focuses on the weakest link when it comes to security - the human element.
All the firewalls and software can't prevent a social engineer from getting in if he/she knows justs how to act and/or what to say to get what they want. Reading the scenarios really opened my eyes. Theres a scenario where a social engineer pretended to be a manager of a video store. After enough talking to another employee at another branch, the social engineer was able to get enough information to obtain the credit card # of someone who owed money to the client the social engineer was hired by.
In reading the scenarios, I'd seen examples where I'd asked for the type of information described for perfectly legitimate reasons. I'd never imagined how someone could take just 1 or 2 pieces of information and create chaos for a person or a company. If you're in the IT industry, or work in any kind of customer service, you really need to pick up this book. This book doesn't bash people for being as helpful as they can be (team player, etc). He's just saying to be more aware of what's going on and when giving out any kind of information, being a little cautious doesn't hurt. As humans, we're not perfect to begin with, but a little awareness will make it just a little harder for that social engineer to get what they want.
11 people found this helpful
Helpful
 Report
William H. Folk II
5.0 out of 5 stars Everyone should read this book...
Reviewed in the United States on June 4, 2010
Verified Purchase
Simply amazing! I need to read this book again. Not only that I need my entire audit department to read this and realize how open we are to fraud.
The techniques that the author points out on how easy it is to simply ask for information and get it was just too much to pass up. I've tied it within my own audit department to see just how susceptible we are...I still can't believe how open people were to provide me information not knowing who I was.
Everyone should read this book...there are parts that are a little too much for some people but the scenarios that he walks you through are so thorough that you'd swear you've had that conversation before.
'Social Engineering' made simple...maybe that should be the name of this book. I will have to admit that I'm more paranoid than I have ever been before but I guess that is a good trait to have in an auditor.
Helpful
 Report
David M. Giltinan
4.0 out of 5 stars Interesting overview of the human aspects of computer security, with helpful tips on prevention.
Reviewed in the United States on April 1, 2008
Verified Purchase
Kevin Mitnick, probably the most famous (and controversial) computer hacker of the 1990's, has spent several years of his life on the run, as well as a few years in jail. For years after leaving prison he was forbidden to log on to a computer, a prohibition he appealed successfully. He now runs a computer security business, lectures to large corporations, and has co-authored two books on computer network security.

This book focuses on the human element of computer security. Reminding us that even the most sophisticated high-tech security systems can be rendered worthless if the people running them are not sufficiently vigilant, Mitnick goes on to point out the myriad ways in which human carelessness can contribute to security breaches. An experienced con artist who is well-versed in social engineering techniques can often do far more damage by manipulating people to provide information they shouldn't than by relying on technologically sophisticated hacking methods.

The book is interesting for the most part, though it would have benefited from a 25% reduction in length, and there are some annoying stylistic tics. Throughout the first 14 chapters, each of which reviews a particular type of `con' used by hackers/social engineers to breach computer security, the chapter setup follows the same schema:
(i) an anecdote or vignette, involving fictitious characters but based on actual events, which lays out the deception as it unfolds, following it through to the successful breach (ii) analysis of the `con', focusing specifically on the mistakes or behaviors (at the individual and at the organizational level) which allowed it to succeed (iii) discussion of the changes that would be needed to stop the con from succeeding (e.g. behavior of individual employees, corporate policies and procedures, computer software and hardware). This is actually a pretty decent way to make the points Mitnick wants to get across - starting out with a concrete example of how things go wrong gets attention and motivates the reader to read on to figure out the solution.

One feature of the book which was meant to be helpful started to annoy me by about the third chapter. Interspersed throughout each chapter, the authors insert highlighted textboxes of two types: `lingo' - repeating the definition of a concept already adequately defined in the text, or `mitnick messages' - which seemed superfluous, and a little condescending, as they generally repeated what was already obvious. In general, this is not a book you will read for the delights of its prose style (after successfully gaining access to a cache of hidden documents, one hacker is described as spending his evening gleefully "pouring over" the documents); however, the prose is serviceable, managing to avoid lapses into the dreaded corpspeak, for the most part.

For some readers, the most useful part of the book may be its final two chapters. Here the authors lay out, in considerable detail, outlines for recommended corporate information security policies, and an associated training program on information security awareness. Though I am no expert in these areas, the outlines strike me as being commendably thorough - complete enough that they could be fleshed out without too much difficulty to generate a comprehensive set of policies and procedures.

Despite some redundancy, and occasional infelicities of style, this book seemed to me to be interesting, and likely to be practically useful.
9 people found this helpful
Helpful
 Report

Top reviews from other countries

Translate all reviews to English
R.T.
5.0 out of 5 stars Excelente livro, super recomendo!
Reviewed in Brazil on August 25, 2023
Verified Purchase
Excelente livro, super recomendo, principalmente se você trabalha na área de segurança da informação!
Report
Aky
5.0 out of 5 stars Amazing book
Reviewed in Italy on July 15, 2023
Verified Purchase
I didn't read fully but it's just amazing. It got me hooked up.
One person found this helpful
 Report
Francesco
5.0 out of 5 stars Excelente libro
Reviewed in Mexico on April 25, 2018
Verified Purchase
Es un libro consiso, facil de entender y escrito por una de las figuras mas importantes de la seguridad de la informacion. Solo me falta el capitulo final, pero ya queria opinar acerca de este libro. Del primer al penultimo capitulo es completamente entendible, dando definiciones claves para los no familiarizados con el tema de la informatica.
Report
kamatataima
5.0 out of 5 stars very interesting
Reviewed in Germany on March 21, 2019
Verified Purchase
great
Report
Sergio
5.0 out of 5 stars Excelente libro. 100% recomendado.
Reviewed in Spain on March 24, 2018
Verified Purchase
En este libro aprenderás algunas técnicas interesantes de hacking e ingeniería social. Totalmente recomendable, una lectura interesante y muy ilustrativa. El libro está en inglés.
One person found this helpful
 Report