Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
The Art of Social Engineering
The Art of Social Engineering

The Art of Social Engineering: Uncover the secrets behind the human dynamics in cybersecurity

Arrow left icon
Profile Icon Cesar Bravo Profile Icon Desilda Toska
Arrow right icon
$39.99
Full star icon Full star icon Full star icon Full star icon Half star icon 4.9 (9 Ratings)
Paperback Oct 2023 234 pages 1st Edition
eBook
$21.99 $31.99
Paperback
$39.99
Subscription
Free Trial
Renews at $19.99p/m
Arrow left icon
Profile Icon Cesar Bravo Profile Icon Desilda Toska
Arrow right icon
$39.99
Full star icon Full star icon Full star icon Full star icon Half star icon 4.9 (9 Ratings)
Paperback Oct 2023 234 pages 1st Edition
eBook
$21.99 $31.99
Paperback
$39.99
Subscription
Free Trial
Renews at $19.99p/m
eBook
$21.99 $31.99
Paperback
$39.99
Subscription
Free Trial
Renews at $19.99p/m

What do you get with Print?

Product feature icon Instant access to your digital eBook copy whilst your Print order is Shipped
Product feature icon Paperback book shipped to your preferred address
Product feature icon Download this book in EPUB and PDF formats
Product feature icon Access this title in our online reader with advanced features
Product feature icon DRM FREE - Read whenever, wherever and however you want
Product feature icon AI Assistant (beta) to help accelerate your learning
OR
Modal Close icon
Payment Processing...
tick Completed

Shipping Address

Billing Address

Shipping Methods
Table of content icon View table of contents Preview book icon Preview Book

The Art of Social Engineering

The Psychology behind Social Engineering

You have probably heard the term social engineering before, either in the news (as part of a big scam) or even in your job as part of the annual security awareness program.

But what is social engineering? Well, to make it simple, we can just say that social engineering is the art of manipulating people to perform an action that will provide a benefit for the attacker. That action could be in the form of disclosing information, executing an action (such as executing a command), or even disabling or bypassing a security measure.

In other words, social engineering is focused on “hacking” the users, not the systems.

Now, to better understand social engineering, it is imperative to understand the psychology, principles, and tactics behind those attacks. Attackers will leverage a set of psychological concepts, principles, and tactics to successfully manipulate the victim. They will then use the art of manipulation to influence the victim to either reveal sensitive information (passwords, users, etc.) or even perform a given action (such as disabling the antivirus).

Understanding those tactics will help you to identify when you are a target and avoid falling into these elaborate attack vectors. For this reason, in this chapter, we will cover the following main topics:

  • The art of manipulation
  • Tactics and principles used to influence the victims
  • Developing rapport
  • The weakness behind the empathy
  • Leveraging influence tactics for defensive security

Technical requirements

There are no technical requirements for this chapter.

Disclaimer

All characters in the illustrations are fictional characters.

Illustrations are inspired by real attacks; therefore, the language used (including spelling and grammatical errors) is intentional.

Understanding the art of manipulation

Social engineering is the art of manipulating users to perform actions or divulge confidential information for the benefit of the attacker.

Examples of those actions can be as follows:

  • Install a given software (which may contain malware)
  • Remove some security settings or applications (disable the antivirus, firewall, etc.)
  • Execute an unknown command that may impact the confidentiality, integrity, or availability of data (for example, delete a table using SQL commands)
  • Create or edit an active user (that will provide access to the attacker)
  • Change system configurations (to facilitate access to data)

Additionally, examples of the types of information that the attacker may want to gather from the victims are as follows:

  • User credentials (usernames, passwords, etc.)
  • Trade secrets
  • Organizational information (which can be used later for whaling attacks)
  • Financial information
  • Corporate sensitive information (clients, price lists, etc.)
  • Sensitive personal information (used for impersonation attacks)

While most people believe they will never fall victim to this type of attack, the truth is that we are all susceptible to a social engineering attack.

In fact, social engineering attacks have evolved into well-fabricated scenarios that are carefully crafted to leverage a series of physiology paradigms to effectively trick and manipulate the victim without them even noticing that they are under attack.

Therefore, organizations must invest time and resources to include social engineering awareness campaigns as part of their cybersecurity strategy to reduce the risks of employees falling into these types of attacks.

A common mistake is to focus social engineering awareness campaigns on IT people, while in reality, attackers prefer to attack other employee profiles, as follows:

  • Non-IT employees: Attackers assume that non-IT personnel are less aware of the consequences of executing a given command. The following figure shows a typical example of how an attacker can manipulate an employee into executing a command to delete hundreds and even thousands of records in a database:
Figure 1.1 – Manipulating non-IT employees

Figure 1.1 – Manipulating non-IT employees

  • Overwhelmed users: We all know that some companies are happy to assign overwhelming workloads and job responsibilities to some employees. This is, of course, a terrible business practice, but it can also become a vulnerability that attackers may want to exploit. For example, as shown in the following figure, an attacker can manipulate an overwhelmed employee to gather access to a restricted location (which will enable the attacker to perform a super dangerous physical attack):
Figure 1.2 – Manipulating overwhelmed users

Figure 1.2 – Manipulating overwhelmed users

  • Sales teams: Sales teams are normally overstretched to achieve sales quotas at the end of the quarter. Attackers can leverage that stress to manipulate the victim to perform a restricted action, as highlighted in the following figure:
Figure 1.3 – Manipulating sales teams

Figure 1.3 – Manipulating sales teams

  • Executive assistants: Executive assistants handle a lot of sensitive information that is a potential target for attackers. Therefore, executive assistants are a common target that attackers may try to manipulate to gain access to that information. The following figure shows an example of how an attacker can impersonate an IT manager to obtain a password reset code to gain access to the senior manager’s account:
Figure 1.4 – Manipulating executive assistants

Figure 1.4 – Manipulating executive assistants

Of course, those are only a few examples of groups that are more prone to be attacked by a social engineering attack, but in the end, what we want to highlight is the importance of ensuring that the organization is well-trained and aware of the threats of social engineering attacks.

The bottom line is that users are the biggest layer of defense to prevent those attacks in your organization, therefore, ensuring that everyone is well-trained to recognize those attacks should be a key component in your cybersecurity strategy.

Now, while manipulation is the art used by attackers, there are a lot of psychological principles behind this that enable the attacker to successfully manipulate users not only to perform those actions but to do it without doubting the intention of the attacker. Now, let’s review them in detail.

Examining the six principles of persuasion

As mentioned, social engineering is an art, an art that can be improved with time but can also be learned by applying several tactics.

Those tactics were highlighted by Robert Cialdini (behavioral psychologist) in the book The Psychology of Persuasion, in which he divides those tactics into six key principles, as shown in the following figure:

Figure 1.5 – Key principles of influence

Figure 1.5 – Key principles of influence

Now, let’s review each of those principles:

  • Reciprocity: There is a strong sense of payback when we receive something from others. Therefore, an attacker may use this technique by giving you something or doing a favor for you to influence your brain to do something form them later.
Figure 1.6 – Example of using reciprocity to influence a victim

Figure 1.6 – Example of using reciprocity to influence a victim

  • Commitment and consistency: If you commit to something, it is likely that you will honor that commitment, even if the original commitment or incentive slightly changes. That is exactly what the attacker wants. First, the attacker will make you commit to something reasonable and then slightly change it at the last minute to something you may have doubts about, but due to the previous commitment, you are likely to accept and proceed. The following figure shows an example of how an attacker can use this to gather physical access:
Figure 1.7 – Example of using commitment to influence a victim

Figure 1.7 – Example of using commitment to influence a victim

  • Social proof: This principle is based on the fact that people’s behaviors are influenced by what others do in a given place (the culture of the place). For example, in companies with a mature cybersecurity culture, tailgating is seen as an unacceptable behavior. However, the same action (tailgating) can be seen as just being polite in other companies with less cybersecurity awareness as illustrated in Figure 1.8:
Figure 1.8 – Example of using social proof to influence the victim

Figure 1.8 – Example of using social proof to influence the victim

  • Authority: It is more likely that people will follow an order when it is given by a person with authority (or at least pretending to have it). Impersonating a cybersecurity expert, influencer, or any other credible or known person is a typical case of using authority to influence the victim into executing a questionable action. As seen in Figure 1.9, the attacker calls the victim, impersonating someone from the IT or security department. Then, the attacker requests the victim to provide a code that they supposedly sent to them. However, what the victim does not know is that the code they are giving to the attacker is actually a password reset code that will give full access to the attacker:
Figure 1.9 – Example of using authority to influence the victim

Figure 1.9 – Example of using authority to influence the victim

  • Liking: People are more willing to trust others they like, and an attacker may use that principle to influence a victim. Liking is not limited to physical attraction; in fact, there are many other methods that attackers may use to gain your trust, as follows:
    • By sharing some characteristics in common (such as saying we live or grew up in the same city or have similar ancestors)
    • By sharing the same passion (for example, the same series, the same idols, the same favorite music group, etc.)
    • By following the same team or groups (in sports, politics, etc.)

    The following figure shows an example of how an attacker can use some compliments to like the victim and gain their trust:

Figure 1.10 – Example of using liking to influence the victim

Figure 1.10 – Example of using liking to influence the victim

  • Scarcity: This tactic is commonly used in marketing to influence you to purchase something (which, most of the time, is something that you don’t need). This tactic is incredibly powerful, which is why it is present in almost all social engineering attacks. Here, the attacker will push the victim by making them believe that they will lose a big opportunity if they do not leverage it right now!
Figure 1.11 – Example of using scarcity to influence the victim

Figure 1.11 – Example of using scarcity to influence the victim

Now, there are other key tactics and techniques used in social engineering attacks that are not included in that list such as developing rapport, empathy, and pretexting, so let’s review them in detail.

Developing rapport

While similar to the principle of liking, rapport goes beyond that by creating a relationship or bond with the victim.

In fact, building rapport is about creating a trusting relationship with the victim with the objective to make the victim feel comfortable and thus more prone to execute a given task or to give some sensitive information. As humans, we tend to share data freely with people we trust, and thus for an attacker, developing an instant rapport is key.

There are many tactics that an attacker can leverage to create rapport, so let’s see the most used tactics to develop rapport.

Using appropriate body language

To develop rapport, it is key that the victim doesn’t perceive you as a potential threat; instead, you should represent a friendly figure that is there to help and listen. For example, for an attacker, a stressed or nervous attitude may cause distrust in the victim, while a relaxed attitude will be reflected in a more friendly body language that will make the victim feel more engaged and comfortable.

Figure 1.12 – Example of using body language to influence the victim

Figure 1.12 – Example of using body language to influence the victim

As seen in the preceding figure, a person with relaxed body language gives confidence to the victim to perform a dangerous action (in this case, to provide a security PIN).

Using your knowledge to help

Being arrogant by presuming deep technical knowledge will not help to build rapport. Instead, attackers will look for opportunities to help others with their technical knowledge. This tactic will help to build an almost instant rapport with the victim because first, the victim is now in debt to the attacker, but also because the attacker unconsciously set themself as a technical expert in the eyes of the victim.

Figure 1.13 – Using your knowledge to build rapport

Figure 1.13 – Using your knowledge to build rapport

As seen in the preceding figure, the attacker uses their knowledge to build rapport with the victim while also setting themself as an expert. Then, they leverage it to execute the attack by giving a false link to the victim that will collect the victim’s credentials.

Complimenting

Let’s be honest, we all like compliments, and this is another great way to build rapport. Of course, it needs to be subtle; as mentioned, this is an art form, and abusing any tactic may be perceived by the victim and that will not cause the desired effect. Instead, this needs to be natural and genuine to ensure the victim will feel it in that way. Some examples of compliments are saying something nice about the clothes they are wearing, or any other characteristics of the person such as the color of their eyes, their lovely smile, or even their attitude.

Figure 1.14 – Example of using compliments to influence the victim

Figure 1.14 – Example of using compliments to influence the victim

As seen in the preceding figure, the attacker compliments the victim by stating that they are very smart and cares about security. That compliment creates rapport and the attacker will leverage that to trick the user to put their password into a non-secure page, allowing the attacker to capture the victim’s credentials.

Supporting other points of view

There are people that may feel discriminated against because their opinion is part of a minority group. In those cases, an attacker may leverage that to create instant rapport by supporting that point of view in front of the victim. As mentioned, this needs to seem genuine and to achieve that, the attacker must understand the topic they are supporting very well in order to be able to drive a friendly conversation with the victim to further their relationship of trust.

Figure 1.15 – Example of  influencing the victim by creating a rapport

Figure 1.15 – Example of influencing the victim by creating a rapport

As seen in the preceding figure, an attacker would take the opportunity of someone complaining about security policies to agree with the victim (to build rapport) and then to offer a “solution” to avoid that security policy, which, in the end, will enable the attacker to access data and corporate systems.

Leveraging empathy

Empathy is defined as the ability to understand and share the feelings and emotions of others. In this case, an attacker will put themself in a difficult situation in the hope that the victim will feel empathy and then be more vulnerable to fall into a trap to give information, perform a questionable action, or even bypass a security process to help the attacker during the difficult situation.

Figure 1.16 – Using empathy to bypass some security controls

Figure 1.16 – Using empathy to bypass some security controls

The preceding figure shows a great example of how an attacker can leverage empathy to bypass a security control.

Notice that to enhance the chances of success, the attacker will search for a victim that is more likely to feel empathy for a given situation. For example, in this case, the attacker targeted a victim that is a mom and, therefore, is more likely to feel empathy for a situation in which a supposedly pregnant girl is suffering, and thus the victim would be willing to bypass a security process to help the pregnant girl.

Leveraging influence for defensive security

The good news is that you can also apply those psychological principles (such as influence) to enhance the cybersecurity culture in your organization.

In fact, here are some examples of how you can leverage some social engineering concepts in your organization:

  • Social proof: You can leverage influential people in your company to promote cybersecurity best practices. A good implementation example is to provide a hands-on cybersecurity awareness workshop to those influential employees and name them Cybersecurity Advocates. This will help you motivate those influencers to enhance cybersecurity awareness across the organization and also to bring more to join your program as Cybersecurity Advocates.

Important note

Those kinds of programs work better if people are also awarded a digital badge that highlights their new Cybersecurity Advocate title.

  • Scarcity: You can apply scarcity in many ways to enhance your cybersecurity programs, such as the following examples:
    • Announce that only X number of employees are eligible for the Cybersecurity Advocate title
    • Limit the number of people that can attend awareness training (which brings the feeling that they will attend an exclusive training)
    • Make users think that installing a given cybersecurity tool is not an obligation but a privilege that they need to pursue (because they are getting a license for free)

    As mentioned before, this technique is more powerful when combined with other tactics.

  • Authority: One of the biggest challenges of cybersecurity campaigns is to get users involved. People are normally busy doing their day-to-day activities, and additional assignments (such as cybersecurity awareness training) are not a priority for most of them. However, you can leverage the principle of authority by asking a C-suite executive (CEO, CTO, etc.) to be the sponsor of the initiative. That sponsorship means recording a video or sending an email to the entire organization to highlight the importance and relevance of the cybersecurity initiative. Another great way to deliver this message is during a corporate event such as a Town Hall meeting. This will surely help to bring people’s attention to your cybersecurity awareness program.

Important note

Some authors suggest that the executive should also highlight the consequences of not attending the required training; however, that may bring a negative connotation to your initiative, and from experience, it is better for people to be motivated to learn rather than forced by fear.

All other principles can also be used (and mixed) to support your cybersecurity initiatives, and now, it is up to your imagination to create the perfect blend to improve your cybersecurity strategy.

Summary

In this chapter, we learned the art of manipulation and how attackers leverage a number of techniques to influence the actions of the victims. We also reviewed the most common profiles targeted by attackers using social engineering.

Then, we moved to a deep dive into the actual tactics and principles used by attackers to influence the victims during a social engineering attack, which included key topics such as scarcity, liking, social proof, and others.

Additionally, we explained what developing rapport means and why this is relevant during a social engineering attack. After that, we moved to a new section in which we explained how attackers leverage people’s empathy to manipulate the victims to bypass some security processes.

We then closed an amazing chapter by reviewing how we can also leverage those principles to support our cybersecurity strategy.

Now, get ready because, in the next chapter, we will acquire a deeper understanding of social engineering by reviewing the different types of social engineering attacks.

Further reading

To further your knowledge of the various topics discussed in the chapter, refer to the following resource:

Left arrow icon Right arrow icon

Key benefits

  • Gain insights into the open source intelligence (OSINT) methods used by attackers to harvest data
  • Understand the evolving implications of social engineering on social networks
  • Implement effective defensive strategies to mitigate the probability and impact of social engineering attacks
  • Purchase of the print or Kindle book includes a free PDF eBook

Description

Social engineering is one of the most prevalent methods used by attackers to steal data and resources from individuals, companies, and even government entities. This book serves as a comprehensive guide to understanding social engineering attacks and how to protect against them. The Art of Social Engineering starts by giving you an overview of the current cyber threat landscape, explaining the psychological techniques involved in social engineering attacks, and then takes you through examples to demonstrate how to identify those attacks. You’ll learn the most intriguing psychological principles exploited by attackers, including influence, manipulation, rapport, persuasion, and empathy, and gain insights into how attackers leverage technology to enhance their attacks using fake logins, email impersonation, fake updates, and executing attacks through social media. This book will equip you with the skills to develop your own defensive strategy, including awareness campaigns, phishing campaigns, cybersecurity training, and a variety of tools and techniques. By the end of this social engineering book, you’ll be proficient in identifying cyberattacks and safeguarding against the ever-growing threat of social engineering with your defensive arsenal.

Who is this book for?

This book is for cybersecurity enthusiasts, ethical hackers, penetration testers, IT administrators, cybersecurity analysts, or anyone concerned with cybersecurity, privacy, and risk management. It will serve as a valuable resource for managers, decision makers, and government officials to understand the impact and importance of social engineering and how to protect against this threat.

What you will learn

  • Grasp the psychological concepts and principles used in social engineering attacks
  • Distinguish the different types of social engineering attacks
  • Examine the impact of social engineering on social networks
  • Find out how attackers leverage OSINT tools to perform more successful attacks
  • Walk through the social engineering lifecycle
  • Get a glimpse of the capabilities of Social Engineering Toolkit (SET)
Estimated delivery fee Deliver to Argentina

Standard delivery 10 - 13 business days

$12.95

Premium delivery 3 - 6 business days

$40.95
(Includes tracking information)

Product Details

Country selected
Publication date, Length, Edition, Language, ISBN-13
Publication date : Oct 20, 2023
Length: 234 pages
Edition : 1st
Language : English
ISBN-13 : 9781804613641
Concepts :

What do you get with Print?

Product feature icon Instant access to your digital eBook copy whilst your Print order is Shipped
Product feature icon Paperback book shipped to your preferred address
Product feature icon Download this book in EPUB and PDF formats
Product feature icon Access this title in our online reader with advanced features
Product feature icon DRM FREE - Read whenever, wherever and however you want
Product feature icon AI Assistant (beta) to help accelerate your learning
OR
Modal Close icon
Payment Processing...
tick Completed

Shipping Address

Billing Address

Shipping Methods
Estimated delivery fee Deliver to Argentina

Standard delivery 10 - 13 business days

$12.95

Premium delivery 3 - 6 business days

$40.95
(Includes tracking information)

Product Details

Publication date : Oct 20, 2023
Length: 234 pages
Edition : 1st
Language : English
ISBN-13 : 9781804613641
Concepts :

Packt Subscriptions

See our plans and pricing
Modal Close icon
$19.99 billed monthly
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Simple pricing, no contract
$199.99 billed annually
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Choose a DRM-free eBook or Video every month to keep
Feature tick icon PLUS own as many other DRM-free eBooks or Videos as you like for just $5 each
Feature tick icon Exclusive print discounts
$279.99 billed in 18 months
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Choose a DRM-free eBook or Video every month to keep
Feature tick icon PLUS own as many other DRM-free eBooks or Videos as you like for just $5 each
Feature tick icon Exclusive print discounts

Frequently bought together


Stars icon
Total $ 118.97
Information Security Handbook
$44.99
The Art of Social Engineering
$39.99
Data Science for Malware Analysis
$33.99
Total $ 118.97 Stars icon
Banner background image

Table of Contents

16 Chapters
Part 1: Understanding Social Engineering Chevron down icon Chevron up icon
Chapter 1: The Psychology behind Social Engineering Chevron down icon Chevron up icon
Chapter 2: Understanding Social Engineering Chevron down icon Chevron up icon
Chapter 3: Common Scam Attacks Chevron down icon Chevron up icon
Chapter 4: Types of Social Engineering Attacks Chevron down icon Chevron up icon
Part 2: Enhanced Social Engineering Attacks Chevron down icon Chevron up icon
Chapter 5: Enhanced Social Engineering Attacks Chevron down icon Chevron up icon
Chapter 6: Social Engineering and Social Network Attacks Chevron down icon Chevron up icon
Chapter 7: AI-Driven Techniques in Enhanced Social Engineering Attacks Chevron down icon Chevron up icon
Chapter 8: The Social Engineering Toolkit (SET) Chevron down icon Chevron up icon
Part 3: Protecting against Social Engineering Attacks Chevron down icon Chevron up icon
Chapter 9: Understanding the Social Engineering Life Cycle Chevron down icon Chevron up icon
Chapter 10: Defensive Strategies for Social Engineering Chevron down icon Chevron up icon
Chapter 11: Applicable Laws and Regulations for Social Engineering Chevron down icon Chevron up icon
Index Chevron down icon Chevron up icon
Other Books You May Enjoy Chevron down icon Chevron up icon

Customer reviews

Top Reviews
Rating distribution
Full star icon Full star icon Full star icon Full star icon Half star icon 4.9
(9 Ratings)
5 star 88.9%
4 star 11.1%
3 star 0%
2 star 0%
1 star 0%
Filter icon Filter
Top Reviews

Filter reviews by




Tim drew Jan 30, 2024
Full star icon Full star icon Full star icon Full star icon Full star icon 5
Feefo Verified review Feefo
Martinal Nov 02, 2023
Full star icon Full star icon Full star icon Full star icon Full star icon 5
I was blown away by "The Art of Social Engineering." Toska and Bravo provide an in-depth exploration of the intriguing world of social engineering. Their writing is clear, concise, and highly engaging. This book is a must-read for anyone interested in understanding the psychology behind human interactions and how it can be used for both ethical and security purposes. The real-life examples and practical insights make it a valuable resource. I couldn't put it down!
Amazon Verified review Amazon
Tracy Adam Nov 22, 2023
Full star icon Full star icon Full star icon Full star icon Full star icon 5
In 'The Art of Social Engineering,' the author skillfully breaks down the complexities of social dynamics. It's a comprehensive guide that not only educates but also inspires readers to apply these insights in their daily lives. Truly transformative!"
Amazon Verified review Amazon
Raymond Oct 23, 2023
Full star icon Full star icon Full star icon Full star icon Full star icon 5
Social engineering for cybersecurity requires a comprehension of the techniques , vulnerabilities and countermeasures associated with social engineering to enhance the security posture and cultivate cybersecurity awareness. This book goes overthe threat landscape and how social engineering attacks fit into it. AI threats and attacks are discussed including AI driven exploits including Deepfakes. I found this to be an excellent and up to date overview of the current iterations of ever evolving attacks.
Amazon Verified review Amazon
RJ Sep 17, 2024
Full star icon Full star icon Full star icon Full star icon Full star icon 5
I am a retired fed. I am considered by many to be an expert on scams and fraud. The author of this book really knows his stuff when it comes to the spectrum of social engineering, cybersecurity, cybercrime, and scams/fraud. And he presents it in a very easy way to understand and retain. Highly recommended.
Amazon Verified review Amazon
Get free access to Packt library with over 7500+ books and video courses for 7 days!
Start Free Trial

FAQs

What is the delivery time and cost of print book? Chevron down icon Chevron up icon

Shipping Details

USA:

'

Economy: Delivery to most addresses in the US within 10-15 business days

Premium: Trackable Delivery to most addresses in the US within 3-8 business days

UK:

Economy: Delivery to most addresses in the U.K. within 7-9 business days.
Shipments are not trackable

Premium: Trackable delivery to most addresses in the U.K. within 3-4 business days!
Add one extra business day for deliveries to Northern Ireland and Scottish Highlands and islands

EU:

Premium: Trackable delivery to most EU destinations within 4-9 business days.

Australia:

Economy: Can deliver to P. O. Boxes and private residences.
Trackable service with delivery to addresses in Australia only.
Delivery time ranges from 7-9 business days for VIC and 8-10 business days for Interstate metro
Delivery time is up to 15 business days for remote areas of WA, NT & QLD.

Premium: Delivery to addresses in Australia only
Trackable delivery to most P. O. Boxes and private residences in Australia within 4-5 days based on the distance to a destination following dispatch.

India:

Premium: Delivery to most Indian addresses within 5-6 business days

Rest of the World:

Premium: Countries in the American continent: Trackable delivery to most countries within 4-7 business days

Asia:

Premium: Delivery to most Asian addresses within 5-9 business days

Disclaimer:
All orders received before 5 PM U.K time would start printing from the next business day. So the estimated delivery times start from the next day as well. Orders received after 5 PM U.K time (in our internal systems) on a business day or anytime on the weekend will begin printing the second to next business day. For example, an order placed at 11 AM today will begin printing tomorrow, whereas an order placed at 9 PM tonight will begin printing the day after tomorrow.


Unfortunately, due to several restrictions, we are unable to ship to the following countries:

  1. Afghanistan
  2. American Samoa
  3. Belarus
  4. Brunei Darussalam
  5. Central African Republic
  6. The Democratic Republic of Congo
  7. Eritrea
  8. Guinea-bissau
  9. Iran
  10. Lebanon
  11. Libiya Arab Jamahriya
  12. Somalia
  13. Sudan
  14. Russian Federation
  15. Syrian Arab Republic
  16. Ukraine
  17. Venezuela
What is custom duty/charge? Chevron down icon Chevron up icon

Customs duty are charges levied on goods when they cross international borders. It is a tax that is imposed on imported goods. These duties are charged by special authorities and bodies created by local governments and are meant to protect local industries, economies, and businesses.

Do I have to pay customs charges for the print book order? Chevron down icon Chevron up icon

The orders shipped to the countries that are listed under EU27 will not bear custom charges. They are paid by Packt as part of the order.

List of EU27 countries: www.gov.uk/eu-eea:

A custom duty or localized taxes may be applicable on the shipment and would be charged by the recipient country outside of the EU27 which should be paid by the customer and these duties are not included in the shipping charges been charged on the order.

How do I know my custom duty charges? Chevron down icon Chevron up icon

The amount of duty payable varies greatly depending on the imported goods, the country of origin and several other factors like the total invoice amount or dimensions like weight, and other such criteria applicable in your country.

For example:

  • If you live in Mexico, and the declared value of your ordered items is over $ 50, for you to receive a package, you will have to pay additional import tax of 19% which will be $ 9.50 to the courier service.
  • Whereas if you live in Turkey, and the declared value of your ordered items is over € 22, for you to receive a package, you will have to pay additional import tax of 18% which will be € 3.96 to the courier service.
How can I cancel my order? Chevron down icon Chevron up icon

Cancellation Policy for Published Printed Books:

You can cancel any order within 1 hour of placing the order. Simply contact [email protected] with your order details or payment transaction id. If your order has already started the shipment process, we will do our best to stop it. However, if it is already on the way to you then when you receive it, you can contact us at [email protected] using the returns and refund process.

Please understand that Packt Publishing cannot provide refunds or cancel any order except for the cases described in our Return Policy (i.e. Packt Publishing agrees to replace your printed book because it arrives damaged or material defect in book), Packt Publishing will not accept returns.

What is your returns and refunds policy? Chevron down icon Chevron up icon

Return Policy:

We want you to be happy with your purchase from Packtpub.com. We will not hassle you with returning print books to us. If the print book you receive from us is incorrect, damaged, doesn't work or is unacceptably late, please contact Customer Relations Team on [email protected] with the order number and issue details as explained below:

  1. If you ordered (eBook, Video or Print Book) incorrectly or accidentally, please contact Customer Relations Team on [email protected] within one hour of placing the order and we will replace/refund you the item cost.
  2. Sadly, if your eBook or Video file is faulty or a fault occurs during the eBook or Video being made available to you, i.e. during download then you should contact Customer Relations Team within 14 days of purchase on [email protected] who will be able to resolve this issue for you.
  3. You will have a choice of replacement or refund of the problem items.(damaged, defective or incorrect)
  4. Once Customer Care Team confirms that you will be refunded, you should receive the refund within 10 to 12 working days.
  5. If you are only requesting a refund of one book from a multiple order, then we will refund you the appropriate single item.
  6. Where the items were shipped under a free shipping offer, there will be no shipping costs to refund.

On the off chance your printed book arrives damaged, with book material defect, contact our Customer Relation Team on [email protected] within 14 days of receipt of the book with appropriate evidence of damage and we will work with you to secure a replacement copy, if necessary. Please note that each printed book you order from us is individually made by Packt's professional book-printing partner which is on a print-on-demand basis.

What tax is charged? Chevron down icon Chevron up icon

Currently, no tax is charged on the purchase of any print book (subject to change based on the laws and regulations). A localized VAT fee is charged only to our European and UK customers on eBooks, Video and subscriptions that they buy. GST is charged to Indian customers for eBooks and video purchases.

What payment methods can I use? Chevron down icon Chevron up icon

You can pay with the following card types:

  1. Visa Debit
  2. Visa Credit
  3. MasterCard
  4. PayPal
What is the delivery time and cost of print books? Chevron down icon Chevron up icon

Shipping Details

USA:

'

Economy: Delivery to most addresses in the US within 10-15 business days

Premium: Trackable Delivery to most addresses in the US within 3-8 business days

UK:

Economy: Delivery to most addresses in the U.K. within 7-9 business days.
Shipments are not trackable

Premium: Trackable delivery to most addresses in the U.K. within 3-4 business days!
Add one extra business day for deliveries to Northern Ireland and Scottish Highlands and islands

EU:

Premium: Trackable delivery to most EU destinations within 4-9 business days.

Australia:

Economy: Can deliver to P. O. Boxes and private residences.
Trackable service with delivery to addresses in Australia only.
Delivery time ranges from 7-9 business days for VIC and 8-10 business days for Interstate metro
Delivery time is up to 15 business days for remote areas of WA, NT & QLD.

Premium: Delivery to addresses in Australia only
Trackable delivery to most P. O. Boxes and private residences in Australia within 4-5 days based on the distance to a destination following dispatch.

India:

Premium: Delivery to most Indian addresses within 5-6 business days

Rest of the World:

Premium: Countries in the American continent: Trackable delivery to most countries within 4-7 business days

Asia:

Premium: Delivery to most Asian addresses within 5-9 business days

Disclaimer:
All orders received before 5 PM U.K time would start printing from the next business day. So the estimated delivery times start from the next day as well. Orders received after 5 PM U.K time (in our internal systems) on a business day or anytime on the weekend will begin printing the second to next business day. For example, an order placed at 11 AM today will begin printing tomorrow, whereas an order placed at 9 PM tonight will begin printing the day after tomorrow.


Unfortunately, due to several restrictions, we are unable to ship to the following countries:

  1. Afghanistan
  2. American Samoa
  3. Belarus
  4. Brunei Darussalam
  5. Central African Republic
  6. The Democratic Republic of Congo
  7. Eritrea
  8. Guinea-bissau
  9. Iran
  10. Lebanon
  11. Libiya Arab Jamahriya
  12. Somalia
  13. Sudan
  14. Russian Federation
  15. Syrian Arab Republic
  16. Ukraine
  17. Venezuela