These days, news about cyber crimes and personal information leaks that occur on the Web are flying around almost every day. For example, there was a time when a phishing method that attempted to break through multi-factor authentication and infiltrate a company's SaaS became a hot topic. Many people in charge of information systems must have felt uneasy. In this session, we will take up several web cybercrime cases that occurred in 2022, including phishing and payment application tampering, and look back on them from a technical perspective in an easy-to-understand manner. In addition, we will introduce the latest trends and mechanisms of countermeasure technologies with demonstrations. It is a must-see for those who have troubles such as "I can't update threat trends and technical information because I'm busy with my daily work"! Let's think together about what we can do to protect important information regardless of B2E or B2C!