ელფოსტის ავთენტიფიკაციის პროტოკოლები ფიშინგის პრევენციისთვის: SPF, DKIM და DMARC
ავტორი: Lazare Lomsadze, Ioane Zarandia, Giorgi Akhalaia
ორგანიზაცია: University of Young Penetration Testers, Ilia State University
კატეგორია:
საკვანძო სიტყვები: email phishing, SPF, DKIM, DMARC, social engineering
აბსტრაქტი. Email phishing is considered one of the most widespread forms of modern cybercrime. Through phishing attacks, malicious actors attempt to fraudulently obtain users' personal information such as passwords, credit card numbers, or even financial account details. These messages often impersonate legitimate companies, thereby increasing the likelihood of deceiving recipients. This article explores the mechanisms, risks, and technical defenses against email phishing. In particular, it discusses the roles of SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail), and DMARC (Domain-based Message Authentication, Reporting, and Conformance) protocols. Practical examples are also provided to illustrate how each mechanism contributes to identifying and blocking malicious emails.
ბიბლიოგრაფია
Cisco. n.d. “What Is Phishing?” Cisco. Accessed June 26, 2025. https://www.cisco.com/c/en/us/products/security/email-security/what-is-phishing.html
Kaspersky. n.d. “What Is Phishing?” Kaspersky. Accessed June 26, 2025. https://www.kaspersky.com/resource-center/definitions/phishing
SPF-Record.com. n.d. SPF Record Lookup. Accessed June 26, 2025. https://www.spf-record.com/
DMARC Analyzer. n.d. “What Is DKIM?” DMARC Analyzer. Accessed June 26, 2025. https://www.dmarcanalyzer.com/what-is-dkim/
Cloudflare. n.d. “What Is DMARC?” Cloudflare. Accessed June 26, 2025. https://www.cloudflare.com/learning/email-security/what-is-dmarc/
Menu