The Present and Future of Phishing and Email Security - JANOG52 Meeting in Nagasaki

The Present and Future of Phishing and Email Security

日本語版はこちら

Abstract

Email is one of the important communication tools, but it is also abused as a means of phishing and malware distribution. In order to prevent these abuses, several important technologies such as sender authentication technologies and encryption of mail delivery have been proposed, and their use is increasing little by little. However, recently, the damage of phishing and how to distinguish it have been reported on TV, and the countermeasures are not yet functioning sufficiently, and the danger to general users remains high.

In this presentation, we will first introduce the latest methods of phishing, which is increasing, and then discuss the difficulty of countermeasures and the importance of information exchange (eXchange) with each stakeholders. We would like to think about how to deal with it together.

In addition, we will talk about the technologies and operational points that email service providers and email administrators of organizations such as companies should introduce to prevent email users from suffering such damage. To be effective, email countermeasures require the use of the same technology by both the sender and the receiver of emails, but at present, they are not fully aligned. By sharing various survey data that cannot be obtained elsewhere, we would like to connect these current situations to discussions about how to spread them and what kind of things are the barriers to their spread.

In addition, we would like to exchange (eXchange) with the latest trends in countermeasure technologies such as sender authentication technology DMARC, which is currently being revised.

Place

1F Conference Room 101

Date

Day2 Thursday, July 6th, 2023/11:00~12:00(1Hour)

Presenter

櫻庭 秀次
株式会社インターネットイニシアティブ / JPAAWG

SAKURABA Shuji(Internet Initiative Japan Inc. / JPAAWG)

平塚 伸世
一般社団法人JPCERTコーディネーションセンター / フィッシング対策協議会

HIRATSUKA Nobuyo(Japan Computer Emergency Response Team Coordination Center (JPCERT/CC) / Council of Anti-Phishing Japan)