In May I had the opportunity to present at the Anti-Phishing Working Group (APWG) Conference after spending some time cross referencing the APWG's eCrime Exchange data with dmarcian's historic DMARC reports to see if we could identify consistent patterns among known bad actors, as well as potentially identifying a wider scope to the attacks that any single entity could see. The results were interesting!
Email might be one of the most often overlooked pieces of any web application. Usually the biggest discussion around it in a project begins and ends with “and we’ll send them an email when this happens…”.
A little thought and some minor adjustments can help us avoid some problems that will grow as your project does. Let’s talk about email as a microservice.
This presentation covers my experiences combatting phishing and fraud using DMARC and assorted other techniques in a large eBay-like platform for a niche market...when the site previously did everything over direct user email...for over a decade. Good times.
My name is Barry Jones and Brightball is my consulting company. We help business leaders understand the long term effects of their technical decisions as well as navigating the process of interviewing software developers.
I also blog about technical topics quite a bit. If you enjoy my writing and want to support the habit please use my referrals to help me pay for my servers with Digital Ocean, my DNS with DNS Made Easy and my email with Sendwithus.
If you just came here to learn by all means keep it up. Grab a book on Elixir, Phoenix, Go, encryption throughout history, hacking stories or running a business. Thanks!
