Chapter 5, Status Quo Security Tools, covers anti-spam techniques, public key cryptography, SSL and honeypots. The anti-spam section includes a discussion of blacklisting, whitelisting, filtering, charging for email, Domain Keys and Sender ID. The information is generally available elsewhere but the section is concise and covers the main points. The public key cryptography and SSL sections address topics that are probably well understood by most readers; the authors take a more formal and academic approach than found in most security texts. The final section on honeypots provides an overview, advantages and disadvantages, as well as technical details on low interaction honeypots (like Honeyd) and high interaction honypots (like Honeywall).

Chapter 6 spear phishing combines a formal analysis of spear phishing with case studies. The first part of the chapter carefully dissects a context-sensitive attack and build a formal model for such attacks. An especially appealing aspect of this chapter is the five case studies ranging from trawling for publicaly available private data (like mother's maiden names), the role of social networks in spear phishing and the potential for stealing information from browser convenience features like autofill.

In part 3, we'll take a look at human-centered design considerations, passwords, and mutual authentication.

Phishing and Countermeasures - Part 1 (introduction, attacks, countermeasures, pharming)
Phishing and Countermeasures - Part 2 (security tools and spear phishing)
Phishing and Countermeasures - Part 3 (human centered design,considerations, passwords, and mutual authentication)