Chapter 9 will cover defenses that can be deployed on client endpoint computers and devices to fight social engineering and phishing.

Focusing on Endpoints

Endpoints are nodes connected to a network. They can be almost anything but are often used to refer to end-user devices and computers. Most of the data we are trying to protect is either located on an endpoint or accessed through an endpoint. All our other defenses, located anywhere else, are trying to protect the data located on endpoints and users using endpoints.

Much of this chapter is going to be a repeat of cybersecurity defense recommendations made in previous chapters (especially Chapter 8, “Network and Server Defenses”), because a great defense-in-depth, multi-layered cybersecurity defense places similar good defenses in multiple places (i.e., network and endpoint). But there will be many recommendations that can only be deployed on endpoints that will be discussed in this chapter. The idea of this chapter is to remind readers of all the possible endpoint defenses that could be used to fight social engineering and phishing and, if lucky, possibly remind you of something you agree with but previously missed.

Anti-Spam and Anti-Phishing Filters

Every endpoint capable of getting phishing messages should have anti-spam and anti-phishing filters installed. Most of the time, this means content filters on email and browsers, but expand that to whatever applications you have where you could ...