Anti-Spymail and Anti-Spoofing
Lunch Sponsor: MailControl
Description:This educational session will discuss two specific threats to enterprise email security: spymails and spoofed emails. Toward the end of the session, we will provide a free live email penetration test to anyone looking to verify that their corporate emails are protected against these two threats. There is no need to prepare--just bring your phone if you wish to participate in the pen test. We hope you can join us! About Spymail: You already know email attachments contain sensitive metadata that need to be scrubbed. But did you know that emails themselves also have metadata? 15% of business emails are now embedded with invisible tracking pixels that secretly gather recipient email data for the sender. This includes location, IP address, device information, email open and click data, and whether and to where the email is forwarded. This metadata therefore expose privileged and confidential information for your firm and your clients.About Spoofed Email: The first versions of email did not have security implemented by design. This meant anyone can spoof their identity and pretend to be someone else, which exposes firms to phishing attacks. To protected against fraud, firms should understand how to implement SPF, DKIM, and DMARC, and why such frameworks help combat email spoofing.
Presenters: Chad Gilles from MailControl is an engineer and technology enthusiast, who also happens to be an attorney. Chad uses his technical and legal knowledge to handle a wide-ranging assortment of tasks from writing code to drafting contracts and presenting on topics involving law and technology.