APECS stands for Anti-Phishing Email Client Standards. An initial goal is to warn users directly in their email client that a link is potentially dangerous, without the need for advanced warning systems that depend on huge data feeds. There is a great deal that can be done under this model and we’re forming the community to make it happen.
The Anti-Phishing Email Client Standards
Email, the world’s largest online communication application, hasn’t changed much over the years. It's time.
Email Applications Suck
- They have no way of knowing what prior analysis has been performed on an email (eg, by mailbox operators)
- They lack intelligence on how to handle legitimate email.
- They are limited in their ability to detect and block fraud.
Email Interfaces Suck
- Users spend a lot of time sorting through their email.
- There is no forum for people who build email applications; there is no W3C equivalent in the email world.
- No forum means innovations are acquired and controlled by large companies.
People need better email clients!
- DMARC is tackling the email identity crisis.
Email authentication is solved at the technical level, with adoption being pushed out quickly.
- Email senders largely adhere to best practices already.
It won’t require everyone to do something new when sending email.
- People are already managing legitimate email on a daily basis.
There is a large opportunity to test and refine approaches.
- There are already large industries in place to detect and address fraud.
They’re just not available to email applications.
- A forum is needed for people who make email applications.
Like how web browsers have the W3C.
- Standardized methods for email applications to:
Allow operators to convey information regarding legitimacy to email applications.
Integrate user-specific intelligence and advanced filtering.
Access fraud detection and remediation capabilities.
- A framework that can be adopted in piecemeal fashion over time.
Can’t boil the ocean.
There are many parts to this problem. If you’d like to help, let us know!