Day 2: Thursday, July 15, 2021, 16:15-17:15 (1 hour)
“Phishing Fraud” is a form of online fraud that consists of social engineering, identity theft, or a combination of both. Criminals profit from identity theft and from reselling credentials collected through phishing scams. According to the Anti-Phishing Working Group, 1,520,832 phishing sites were observed worldwide in 2020, an increase of 1.92% over the previous year (791,766).

The Council of Anti-Phishing Japan’s academic research project treats phishing as a kind of business and clarified its process by analyzing past cases. This approach produced a framework for understanding phishing fraud systematically, prioritizing countermeasures against each event, and verifying their effectiveness. The results are presented in the form of a paper (https://www.antiphishing.jp/news/info/collabo_20210316.html).

The theme of JANOG48 is “with bridges”. I would like to explain the process and its classification, and then discuss and improve the process by having network operators and phishing hunters interact and cooperate across the bridge that is JANOG48. The discussion will focus on which points can be used to stop phishing sites and which areas should be reinforced. In particular, we will apply our proposed framework to analyze smishing (phishing scams through SMS), which is currently a major problem.

1. Is it beneficial for Japanese network operators from a technical/operational perspective?

As anti-phishing measures are strengthened, the involvement of network operators is expected to increase in the future. Through this discussion, we believe it is beneficial to deepen our knowledge of the technology and operations needed to stop phishing sites promptly, and to prepare for that involvement.

2. Are the points of discussion clear?

Discuss whether the phishing fraud business process created from the perspective of a phishing hunter, and the countermeasures for each process, are sufficient from the perspective of a network operator, and if not, what situations and assumptions are being made.

3. Can we expect to gain new insights from the presentation/discussion?

The framework presented in this discussion organizes the whole end-to-end picture, including areas outside the scope of network operators’ business. The phishing fraud business process was built on the collective knowledge of multiple stakeholders, and new insights emerged among the group's members while creating it. I strongly expect that both presenters and participants will gain new knowledge by discussing, from a broad perspective, with the many JANOG members who operate networks.
Yusuke Karasawa (Council of Anti-Phishing Japan / Japan Digital Design, Inc.)