Markus Jakobsson, Chief Scientist at Agari, has released a new book focused on socially-engineered schemes. What are the key takeaways, and how can security leaders improve their abilities to fight back against the schemers?
The title of the new book is Understanding Social Engineering Based Schemes. And its mission is three-fold, Jakobsson says. He wants to profile today's most common schemes, forecast some future trends, and then to help organizations build effective countermeasures.
The first line of defense, he says, is for organizations to rid themselves of the mindset that their people won't fall for socially engineered schemes.
"People need to understand that [social engineering] can and might happen to them," Jakobsson says. "And they also need to recognize that spam filters alone won't detect and deter the scams. Spam filters are designed to, and do a somewhat reasonable job at defending against spam, but spam is totally different from these targeted attacks. They're not large volumes, they don't speak about Viagra, and they are very much looking like business-as-usual conversations."
In an interview about the contents of his new book, Jakobsson discusses:
The evolution of socially-engineered schemes; Why these scams are still so successful; Technology solutions that can help detect and deter the scammers.Jakobsson, Chief Scientist for Agari, has spent more than 20 years as a security researcher, scientist and entrepreneur, studying phishing, crimeware and mobile security at leading organizations. In his role at Agari, he leads the company's security research with a focus on using advanced data science to prevent email attacks.
Prior to Agari, Jakobsson spearheaded research in malware, authentication, fraud, user interfaces and security technologies for Qualcomm. He also co-founded three digital startups - ZapFraud, RavenWhite and FatSkunk - spanning email fraud prevention, user authentication, mobile malware detection and secure user messaging. In addition, Jakobsson has held key roles as Principal Scientist at PayPal, Xerox PARC and RSA Security.
Jakobsson is an esteemed thought leader in the security space. He has written several books, published more than 100 peer-reviewed conference and journal articles, and holds more than 100 patents. Jakobsson is a visiting research fellow of the Anti-Phishing Working Group (APWG).