Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security CISSP-Discussion
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[CISSP-D] REVIEW: "Catch Me If You Can", Frank W. Abagnale

from [Rob, grandpa of Ryan, Trevor, Devon & Hannah] Network Security [Permanent Link]
Subject: [CISSP-D] REVIEW: "Catch Me If You Can", Frank W. Abagnale
Date: Mon, 29 Nov 2004 16:17:09 -0800 


BKCMIYCN.RVW   20041008

"Catch Me If You Can", Frank W. Abagnale, 1980, 0-7679-0538-5
%A   Frank W. Abagnale
%C   201 E. 50th St., 31st Floor, New York, NY   10022
%D   1980
%G   0-7679-0538-5
%I   Random House/Broadway Books
%O   212-751-2600, 800-733-3000
%O  http://www.amazon.com/exec/obidos/ASIN/0767905385/robsladesinterne
  http://www.amazon.co.uk/exec/obidos/ASIN/0767905385/robsladesinte-21
%O   http://www.amazon.ca/exec/obidos/ASIN/0767905385/robsladesin03-20
%P   293 p.
%T   "Catch Me If You Can"

Frank Abagnale was a con man, specializing in passing fraudulent
cheques.  Subsequently, he became a consultant on the topic of
avoiding cheque swindles.  "Catch Me If You Can" is his autobiography,
which was recently made into a movie.

The first comparison to make is between the movie and the book.  Both
are equally amusing and engaging.  The book is quite readable, and
presents Abagnale as a likeable rogue.  (Well, what else would you
expect from a con man?)

Interestingly, both the book and the movie, separately, each have
details that the other lacks.  The book notes the need for constant
study of a field or situation in order to continue to perpetrate a
ruse, and to continue to improve on the delivery.  The movie
demonstrates more examples of social engineering than does the book,
such as making the target party complicit by offering them a seemingly
unrelated benefit, or using a well-timed compliment to interrupt the
process of a security check (since people seldom "re-enter" such a
procedure at exactly the same point).

The other obvious comparison to make is with the more recently self-
proclaimed chief charlatan, Kevin Mitnick, and his "The Art of
Deception" (cf. BKARTDCP.RVW).  Both perpetrated crimes with the help
of technology, Mitnick with computers, and Abagnale with cheque forms. 
Both used social engineering.  Both have written books.

One difference is that Abagnale's text is more interesting than
Mitnick's.  "The Art of Deception" has been described as "nineteen
chapters of GOTCHA!," and gets tedious very quickly.  Abagnale is coy
on some points, but is more open and entertaining.  Mitnick basically
says that people can be fooled: Abagnale examines some of the methods
how, and reasons why, and presents at least a few points that can be
used to detect and avoid trickery.

I would not say that "Catch Me If You Can" is a "must read" for
security people, but it is short, amusing, and raises some useful
questions in regard to fraud detection adn prevention.

copyright Robert M. Slade, 2004   BKCMIYCN.RVW   20041008


======================  (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca      slade@victoria.tc.ca      rslade@sun.soci.niu.edu
Yes, but every time I try to see things your way, I get a headache.
http://victoria.tc.ca/techrev    or    http://sun.soci.niu.edu/~rslade






------------------------ Yahoo! Groups Sponsor --------------------~--> 
$9.95 domain names from Yahoo!. Register anything.
http://us.click.yahoo.com/J8kdrA/y20IAA/yQLSAA/kgFolB/TM
--------------------------------------------------------------------~-> 

 
Yahoo! Groups Links

<*> To visit your group on the web, go to:
    http://groups.yahoo.com/group/CISSP-Discuss/

<*> To unsubscribe from this group, send an email to:
    CISSP-Discuss-unsubscribe@yahoogroups.com

<*> Your use of Yahoo! Groups is subject to:
    http://docs.yahoo.com/info/terms/
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [CISSP-D] REVIEW: "Catch Me If You Can", Frank W. Abagnale, Rob, grandpa of Ryan, Trevor, Devon & Hannah <=
Previous by Date:  RE: [CISSP-D] Control types?, Kevin Stevens
Next by Date:  RE: [CISSP-D] Control types?, Alberto Rivai
Previous by Thread:  RE: [CISSP-D] Control types?, Jerry Patterson
Next by Thread:  [CISSP-D] File - ++CISSP-Discuss.doc, CISSP-Discuss
Indexes:  [Date] [Thread] [Top] [All Lists]