Lance James' "Phishing Exposed" is Syngress' latest title on phishing. This is one of the best resources available right now that handles this new digital disease that plagues the Internet. Definitely a must-read!!!

My 10-horseshoes review follows (soon available at Javaranch.com):

The Internet economy has been growing at a very sustainable pace over the past ten years to reach an overall trade volume of $150 billion in 2004. Nowadays, all respectable companies, such as financial institutions and e-commerce shops, provide online front stores to reach as many potential customers as possible and to carry out their vital business activities. However, this fast-growing digital presence constrains online actors to deal with a massively increasing cyber-criminality. In 2005, more than 43 billion spam messages were sent each day on earth. This volume amounts to 63% of the daily Internet mail traffic. Phishing alone represents only a small portion of the overall traffic, but even a low percentage on $150 billion still looks quite profitable when we know that nine out of ten Internet users cannot distinguish between a normal and a fraudulent email.

"Phishing Exposed" by Lance James is one of the best books on the shelves right now that delves deeply into the details of the phishing trends that plague the modern Internet. Committed to provide a comprehensive masterpiece on phishing, James positions phishing in the cyber-crime evolution and meticulously dissects all aspects of the problem by introducing what phishing is and is not and by showing the close relationship between spam and phishing. All along the book, you will find plenty of anecdotes, statistics, pieces of advice, legal aspects and war stories. In order to provide a realistic picture of the problem at hand, the author explains how mass mailings are usually set up and shows concrete techniques and attacks that are employed by phishing gangs in order to lure individuals and companies. You will witness several kinds of attacks in action and you will also see how phishers take advantage of the many flaws that are present in the protocols building up the Internet infrastructure, such as TCP/IP, HTTP/S, SMTP, DNS and SSL. In contrary to what you may have heard so far, you will see that it does neither take much time nor resources to set up a realistic phishing scam.

"Phishing Exposed" is definitely targeted at people with a sound background in computer science and networking. If your daily activities include the development of sensible online information systems and if you think that the security and integrity of your users is a non-negotiable necessity, you should better keep a copy of this book handy.