Markus Jakobsson

Email phishing is far more sophisticated than it used to be—and even you could fall for it.

Is the Internet at risk? Can fraud and abuse make it so undesirable that people will turn elsewhere? What could push us over the tipping point -- and how can we avoid it?

Mobile authentication is not simply authentication on a mobile device. Differences in user interfaces, user attitudes and more create different dynamics. This book describes the differences and how to address these -- not always by tweaking old solutions, but by redesign, where needed.

This paper argues that biometric methods, such as finger- printing methods, could address a large part of this towering threat - but only if properly architected. We describe an architecture that is practically attainable and which would address the problem in a meaningful way, and argue that this is a promising direction – both in terms of security and usability.
Keywords-authentication; biometrics; fraud; malware.

The McAfee Security Journal was created as a venue to inform security executives and IT personnel on cutting-edge topics, and to examine the future of information security.

The first textbook describing the problem of phishing -- and some of the possible countermeasures.

There’s a new breed of online predators—serious criminals intent on stealing big bucks and top-secret information—and their weapons of choice are a dangerous array of tools called “crimeware.” With an ever-growing number of companies, organizations, and individuals turning to the Internet to get things done, there’s an urgent need to understand and prevent these online threats.

Crimeware: Understanding New Attacks and Defenses will help security professionals, technical managers… Show more

There’s a new breed of online predators—serious criminals intent on stealing big bucks and top-secret information—and their weapons of choice are a dangerous array of tools called “crimeware.” With an ever-growing number of companies, organizations, and individuals turning to the Internet to get things done, there’s an urgent need to understand and prevent these online threats.

Crimeware: Understanding New Attacks and Defenses will help security professionals, technical managers, students, and researchers understand and prevent specific crimeware threats. This book guides you through the essential security principles, techniques, and countermeasures to keep you one step ahead of the criminals, regardless of evolving technology and tactics. Security experts Markus Jakobsson and Zulfikar Ramzan have brought together chapter contributors who are among the best and the brightest in the security industry. Together, they will help you understand how crimeware works, how to identify it, and how to prevent future attacks before your company’s valuable information falls into the wrong hands. In self-contained chapters that go into varying degrees of depth, the book provides a thorough overview of crimeware, including not only concepts prevalent in the wild, but also ideas that so far have only been seen inside the laboratory.

With this book, you will:
* Understand current and emerging security threats including rootkits, bot networks, spyware, adware, and click fraud
* Recognize the interaction between various crimeware threats
* Gain awareness of the social, political, and legal implications of these threats.
*Learn valuable countermeasures to stop crimeware in its tracks, now and in the future. Acquire insight into future security trends and threats, and create an effective defense plan. Show less

This book describes trends in email scams and offers tools and techniques
to identify such trends. It also describes automated countermeasures
based on an understanding of the type of persuasive methods used by
scammers. It reviews both consumer-facing scams and enterprise scams,
describing in-depth case studies relating to Craigslist scams and Business
Email Compromise Scams. This book provides a good starting point for
practitioners, decision makers and researchers in that… Show more

This book describes trends in email scams and offers tools and techniques
to identify such trends. It also describes automated countermeasures
based on an understanding of the type of persuasive methods used by
scammers. It reviews both consumer-facing scams and enterprise scams,
describing in-depth case studies relating to Craigslist scams and Business
Email Compromise Scams. This book provides a good starting point for
practitioners, decision makers and researchers in that it includes
alternatives and complementary tools to the currently deployed email
security tools, with a focus on understanding the metrics of scams.
Both professionals working in security and advanced-level students
interested in privacy or applications of computer science will find this book
a useful reference. Show less