Cyber Shelf

// Comparison

Fancy Bear Goes Phishing vs The Art of Deception: Which Should You Read?

Two cybersecurity books on Narrative, compared honestly: who each is for, what each does best, and which to read first.

Beginner
4/52023
Fancy Bear Goes Phishing

The Dark History of the Information Age, in Five Extraordinary Hacks

Scott J. Shapiro

Five famous hacks used as a way into the deeper question of why software is insecure at all, written by a Yale law professor who learned to code to write it. More a history and theory of vulnerability than a how-to.

Beginner
4/52002
The Art of Deception

Controlling the Human Element of Security

Kevin Mitnick, William L. Simon

Kevin Mitnick and William Simon's case-study collection of social-engineering attacks: PBX scams, helpdesk impersonation, dumpster-diving, the casual lies that sound true. The technology dates the book; the human side is timeless.

Read this if

Readers who want the why behind the headlines, the conceptual and historical reasons computers can be broken into, told through memorable cases.
Anyone in red team, awareness training, fraud, or insider-threat work who wants the best printed library of pretext archetypes. Mitnick's call scripts are still the gold standard for understanding how a competent social engineer establishes credibility in 30 seconds.

Skip this if

Practitioners after current technique or precise forensics. Skip this if a non-specialist explaining your field back to you, occasionally over-tidily, will grate.
Readers wanting current SE tradecraft on phishing, deepfakes, voice cloning, MFA fatigue, or modern OSINT-driven targeting. Treat the technical envelope as a museum piece; only the human core generalizes.

Key takeaways

  • Insecurity is not a series of accidents but a structural property of how general-purpose computers and the industry around them are built.
  • The famous hacks are interesting less for their cleverness than for what they reveal about incentives, law, and human nature.
  • Treating hacking as purely a technical problem misses the legal and economic machinery that keeps it profitable.
  • Most successful pretexts are not lies; they are partial truths weighted toward what the target already wants to do.
  • Helpdesks, third-party vendors, and after-hours staff are still the structural weak points the book identifies — twenty years later, with new technology stacks but the same failure modes.
  • Awareness training built around Mitnick's archetypes outperforms generic phishing-click-rate metrics; the book is the textbook for that approach.

How they compare

Fancy Bear Goes Phishing and The Art of Deception are both rated 4/5 in our catalog. Pick by topic preference and reading style rather than by rating.

Both books target beginner-level readers, so the choice is about topic, not difficulty.

Fancy Bear Goes Phishing and The Art of Deception both cover Narrative, Foundations, so reading them in sequence reinforces the same material from different angles.

Keep reading

Fancy Bear Goes Phishing

Alternatives to Fancy Bear Goes PhishingWhat to read after Fancy Bear Goes Phishing

The Art of Deception

Alternatives to The Art of DeceptionWhat to read after The Art of Deception

Related topics

NarrativeFoundations