|
|
|
|
|
|
|
|
The number of brands targeting by phishing attacks sustained an all-time high of 428 in April of this year, the second record-breaking quarter for cybercrime brand abuse this year
download full report here
|
|
|
|
Check out the advice we've compiled for consumers on phishing. Visit the Resources pages for more information:
|
|
|
- October 23 2012: APWG Releases Global Phishing Survey: Domain Name Use and Trends in 1H2012
Published October 23 2012, this study is a comprehensive analysis of the phishing that took place in the first half of 2012 (1H2012). Highlights include:
- Average uptimes of all phishing attacks dropped to a record low, but the number of phishing attacks rose.
- Phishers hacked into shared hosting more often, and used subdomain registration services more than regular domain registrations.
- Phishing dropped in China, and server compromises rose in South America.
- October 04 2012: APWG talks data sharing at IT Security Automation event
APWG Resident Research Fellow Patrick Cain will be presenting at the 8th Annual IT Security Automation Conference in Baltimore, MD, USA, on October
4, 2012. His presentation, in the Incident Handling Track, is titled "What works, didn't work, and still needs to get working in data sharing".
- October 09 2012: APWG Keynotes First Awareness Conference for the Protection of Critical Infrastructures and Cybersecurity in Buenos Aires
APWG Secretary General Peter Cassidy addresses Argentina's Oficina Nacional de Tecnologías de Información conference, discussing unifying strategies for global
cybersecurity awareness messaging and other response instrumentation for cybercrime management on a global scale.
- Sept 20-21 2012: APWG Addressing Organization for Security and Cooperation in Europe's Police Experts' Meeting
APWG Secretary General Peter Cassidy is addressing OSCE's meeting in Vienna, Austria on cybercrime prevention and improving collaboration
between commercial and law enforcement sectors.
- Sept 18 2012: APWG Advising The Commonwealth Cybercrime Initiative
APWG Secretary General Peter Cassidy is working with Commonwealth of Nations Cybercrime Initiative in London, UK; CCI Steering Group member, Mr. Cassidy,
will be sharing insights on APWG data logistics and educational programs to inform CCI's capacity building regimes for Commonwealth countries.
- August 18 2012: Team APWG Completes Tough Mudder Toronto
Team APWG participated in the Tough Mudder Toronto. Tough Mudder events are hardcore 10-12 mile obstacle courses designed by
British Special Forces to test your all around strength, stamina, mental grit, and camaraderie. Tough Mudder is a charity event that has raised more than $3 million dollars for the
Wounded Warrior Project.
- August 15 2012: APWG Opens Registration for eCrime 2012
APWG is proud to announce Registration is open for eCrime 2012, the four day combined event that includes the 2012 Fall General Meeting, eCrime Researchers Summit,
and ICANN DNS Security, Stability and Resiliency Symposium scheduled October 22 - 25 in Puerto Rico, US.
Full Details Here . . .
- July 19 2012: APWG releases its Phishing Trends Report for 1Q 2012
This report shows targeted brands reaching a new high. Find the latest report and all previous reports here . . .
- May 25 2012: APWG releases its Phishing Trends Report for 2H 2011
This report shows scammers working harder to fool cybercrime savvy consumers. Find the latest report and all previous reports here . . .
- 26 Apr 12: APWG Releases Global Phishing Survey: Domain Name Use and Trends in 2H2011
This study is a comprehensive analysis of the phishing that took place in the second half of 2011 (2H2011). Highlights include:
- Average uptimes of all phishing attacks dropped notably
- Phishers used subdomain registration services more than regular domain registrations
- Phishing surged in China, and Taobao.com became the world’s #1 phishing target
- Dec 23 2011: APWG releases its Phishing Trends Report for 1H 2011
This report shows a huge increase in Classified add attacks. Find the latest report and all previous reports here . . .
- Nov. 9, 2011: FBI announce Operation Ghost Click
Arrest Six Estonian nationals who were part of an International Cyber Ring That Infected Millions of Computers
http://www.fbi.gov/news/stories/2011/november/malware_110911/malware_110911
- 7 Nov 11: APWG Releases Global Phishing Survey: Domain Name Use and Trends in 1H2011
This study is a comprehensive analysis of the phishing that took place in the second half of 2011 (1H2011). Highlights include:
- Average and median uptimes of all phishing attacks dropped notably
- More than a third of all phishing attacks involved hackings of shared virtual servers
- Phishers continue to use subdomain registration services heavily
- Attacks by Chinese phishers were up significantly
- Nov. 22, 2011: APWG Secretary General is speaking on a plenary panel at the meeting of the
Convention
on Cybercrime OCTOPUS conference at the Council of Europe, discussing the future of cooperation against cybercrime.
- Nov 1, 2011: APWG Resident Research Fellow Pat Cain appears at the National Institute of Standards and Technology's
7th Annual IT Security Automation Conference in Crystal City, Virginia
to speak on Unified eCrime Event Reporting With the APWG Adventures in Information Sharing: Now and
for the Future.
- Oct 18, 2011: APWG Secretary General Peter Cassidy is participating in a Cybersecurity Partners Breakfast on cybercrime threats against
the national economy, financial markets and IT infrastructure with DHS Secretary Janet Napolitano at the NASDAQ's offices in New York City.
- July 26, 2011: APWG Secretary General is assisting the Chairman of the Federal Communications Commission on the development of the
Cybersecurity Plan Wizard for small businesses enterprises at a meeting in Washington, DC at the FCC's offices.
- July 19, 2011:APWG Secretary General appears at Privacy Security Trust
2011 in Montreal, speaking on The Public Health Model of Information Security.
- July 21, 2011: APWG Secretary General appears at the Canadian Department of
Justice in Ottawa, speaking on Toward a Public Health Model for eCrime Response and Management
- June 27, 2011: DHS Announces STOP. THINK. CONNECT Contest Winner
APWG Secretary General and Stop Think Connect Messaging Convention director Peter Cassidy represents the APWG at a White House
event, announcement of the Stop Think Connect Public Service Announcement challenged sponsored by Department of Homeland Security.
(Mr Cassidy was principal author of the Messaging Convention program plan, drafted in April, 2009 with NCSA.)
- June 14, 2011: APWG addresses the 17th Annual FIRST (first.org) conference
APWG Resident Research Fellow Patrick Cain addresses the 17th Annual FIRST (first.org) conference of national and corporate CERT teams in Vienna,
Austria. Cain's talk, entitled Interesting Things in APWG Statistics used a number of APWG statistical reports to identify and discuss phishing trends over the past
five years and their causes.
- June 8, 2011: APWG Secretary General receives award
APWG Secretary General Peter Cassidy was awarded the
annual Internet Superhero Award of 2011 by WiredSafety for his efforts on behalf of the APWG at the Annual WiredKids Summit at the Russell
Senate Office Building.
- June 3 2011: APWG releases new Web Vulnerabilities Survey
This briefing memorandum discusses the initial analysis of a wide-ranging survey of enterprises whose websites had been hacked. Its organizing motive is to understand the web
site operating environments that are abused by cybercrime gangs, the nature of the attacks, and actions the victim took in response to obtain a clearer understanding of
attacker methodologies and target preferences.
- May 4 2011: 2011 NCSA K-12 State of Cybersecurity Education survey
The survey shows that there is still very little being taught in the classroom regarding cybersecurity, cybersafety and cyberethics. Primary reasons for this (other
than lack of classroom time) are that teachers don’t feel comfortable addressing most of the subjects – including topics like cyberbullying, how to protect personal
information and using passwords – and that they haven’t much in the way of professional development. The good news is that they most teachers feel these issues are
important to address and they are interested in receiving the professional development.
- Mar 24 2011: APWG's addresses APCERT Annual Meeting
During this years annual APCERT Meeting in JeJu, Korea Deputy Secretary-General Foy SHiver will present an overview of APWG ongoing initiatives, the ongoing
evolution of cyber crime and new motivations behind a new World Health Organization approach to electronic crime and security.
- Feb 15 - 16 2011: APWG events for RSA 2011 in San Francisco
This year during RSA week in San Francisco the APWG will host one Reception on Tuesday the 15th and two meetings on Wednesday the 16th. At 5:30PM on Tuesday the 15th the APWG will host a reception at 111 Minna Gallery. On Wednesday the 16th Steering Committee member Microsoft will host a meeting of the Internet Policy Committee followed by a formal Steering Committee Meeting at their offices in San Francisco. Members should contact Foy or Peter with any questions.
- Jan 20 2011: APWG opens registration for new one day Research focused event, University College Dublin
The eCrime Researchers Sync-Up is a new annual event established to help promote the existing research initiatives at the APWG. Hosted at University College Dublin on March 15 and 16, 2011 it will constitute a two-day exchange of presentations and discussions related to eCrime research in progress - and for networking of researchers within the disciplines that are defining the eCrime field of study today. Call For Papers . . .
- Nov 2010: APWG Announces Counter eCrime Operations Summit in Kuala Lumpur
The fifth annual Counter-eCrime Operations Summit (CeCOS V) will engage questions of operational challenges and the development of common resources for the first responders and forensic professionals. This three-day conference is to be held the end of April 2011 in Kuala Lumpur, Malaysia at the Crown Plaza Hotel. More here . . .
- Oct 2010: APWG Resident Research Fellow Patrick Cain gave the keynote presentation at
the 6th COLARIS
APWG Resident Research Fellow Patrick Cain gave the keynote presentation at
the 6th COLARIS (COngresso Latinmaericano de Respuesta a Incidents de
Seguridad) in Lima, Peru. COLARIS, sponsored by Telefonica, brings together
security professionals from across South America. Mr. Cain spoke on "The Evolution of phishing, fraud, and eCrime and a Plan for the Future", stressing that good user education and not technology is the answer
to user protection.
- 4 - OCT 10: : STOP. THINK. CONNECT.™: Broad Government, Industry and Non-Profit Coalition Unveils First-Ever Coordinated Online Safety Message
An unprecedented coalition of government, industry and non-profit organizations today unveiled the first-ever unified
public awareness message to help all digital citizens stay safer and more secure online.
Press Release . . .
- 1 - OCT 10: : Presidential Proclamation--National Cybersecurity Awareness Month
Today President Obama announces National Cybersecurity Awareness Month and makes mention of the joint APWG/NCSA
program to establish a national cyber security awareness campaign "STOP, THINK, CONNECT". Details here on the
The White House web site.
- 14 - SEP 10: CNCERT/CC and FIRST Technical Colloquium Beijing, China:
On September 14th Deputy Secretary-General Foy Shiver will speak at the CNCERT/CC and FIRST.org Technical Colloquim held
in Beijing, China. See program details here. . .
- 23 - AUG 10: IEEE promotes APWG program for eCrime Research:
The APWG announced today that the IEEE Standards Association (IEEE-SA) will sponsor its eCrime Fighter Scholarship Program this fall at its eCrime Researchers Summit in Dallas, the APWG’s annual peer-reviewed research conference dedicated exclusively to ecrime research. Full Details . . .
- 16 - JUN 10: APWG Secretary General Peter Cassidy addresses the IEEE Standards Association at the IEEE-SA's annual board meeting in New
Brunswick, NJ:
Mr. Cassidy will speak to the IEEE-SA on "Data Logistics Challenges to Engaging the Global Electronic Crime
Network."
- 1 June 10: APWG Joins "Day of Action" against mass-market fraud
The APWG is joining law enforcement and regulatory authorities in five nations around the world in a multinational “Day of Action” against
mass-market fraud by committing its data logistics resources and consumer education programs to their international awareness and
response effort. APWG's release available here.
- 09 April 10: APWG Post 20th language to Education Redirect site:
Today the APWG posted the translated site for Norwegian, the 20th language to be supported. This site helps educate users
that were duped into following a malicious link. The Education Redirect program points out the mistake and provides
some easy tips to avoid becoming a victim of electronic fraud and crime.
Program Details
New Norweagan Page
- 24 Mar 10: Secretary General Peter Cassidy addresses the Council of Europe in Strasbourg, France:
Mr. Cassidy has been invited to the Octopus Interface conference on Cooperation against cybercrime to present on data logistics and data
logistics aspects of reporting and exchanging ecrime event data, focusing on the APWG's extensions to the
Incident Object Data Exchange
Format (IODEF) for reporting and processing electronic crime events. The program agenda is available on the
COE's site here.
- 24 Mar 10: Cybersecurity Bill Approved:
The Senate Commerce Committee Wednesday approved legislation to improve how the federal government and the private sector deal with cyber
attacks. Approved by voice vote, the bill would raise the priority of cybersecurity throughout the federal government and streamline
cybersecurity-related functions. (full
details here)
- 18 MAR 2010: JPCERT/CC the Anti-Phishing Council Japan and JAIPA
announce education effort:
Today JPCERT/CC in conjunction with the Anti-Phishing Council Japan and Japan Internet Providers Association (JAIPA) announce
a joint effort to promote the APWG's Education Landing Page Program. Through JAIPA's wide out reach,
more than 300 ISP members of this association and JPCERT/CC will work with ISPs and hosting providers to use the APWG's landing page when removing phish
contents from their own network. This effort will help promote end user education and help deter criminal efforts against the Japanese public. Details
in the official press release can be found at:
http://www.antiphishing.jp/information/information1056.html
http://www.jaipa.or.jp/topics/?p=306
- 5 MAR 2010: NCSA & APWG Host Consumer Messaging Meeting:
On Mar 5th the APWG in conjunction with our partner the NCSA will host the next meeting of the Consumer Security and Safety Messaging Convention. This meeting will be held in San Franciso during the annual RSA week. Program Details here . . .
- 27 & 28 Jan 10: APWG address JPCERT/CC:
JPCERT/CC, the first CSIRT established in Japan, will host two one day Anti-Phishing Seminar's in Tokyo and Osaka on January 27 & 28 2010.
APWG Deputy Secretary-Genearl Foy Shiver will address the audiences to present the numerous ongoing APWG initiatives and discuss the status
of Phishing, Fraud and Electronic crime in today electronic dominated business environment.
- 15 Jan 10: APWG Secretary General Peter Cassidy speaks at Booz Allen Hamilton:
Mr. Cassidy has been invited to this present a talk on "Data Logistics Requirements for Engaging the Global
Electronic Crime Plexus" by Booz Allen Hamilton's Information Assurance and Law Enforcement
Technical Focus Groups.
- 17 - 18 Nov 09: Secretary General Peter Cassidy addresses the G8's
High Tech Crime Subgroup (HTCSG) in Palermo, Italy:
Mr. Cassidy has
been invited to this G8 subgroup's Fall meeting to provide a
presentation on APWG's
extensions to the Incident Object Data Exchange Format (IODEF) for
reporting and processing electronic crime events.
- 18 Nov 09: House Science Subcommittee Approves Bill Increasing NIST's Cybersecurity
Authority (Pike & Fischer, 111609)
The House Science and Technology Subcommittee on Technology and
Innovation Nov. 4 approved a bill giving the National Institute of
Standards and Technology additional responsibilities for developing
cybersecurity standards, including ensuring privacy protection for
electronic health records.
The "Cybersecurity Coordination and Awareness Act" (bill number not
available) would require NIST to "develop and implement a plan to ensure
coordination within the U.S. government with regard to the development
of international cybersecurity technical standards; develop and
implement a cybersecurity awareness and education program; and engage in
research and development to improve identity management systems,"
according to a subcommittee statement.
Full text of the committee print of the bill is available here.
- 21 Oct 09: APWG Awards 2009 Thought Leader Awards:
At its annual Counter eCrime Researchers Summit the APWG awarded the 2009 Thought Leadership Awards to Laura Mathers of Silver Tail Systems and
Rod Rasmussen of Internet Identity. This award is giving to individuals that display a talent for giving expression to the eCrime threats thus
contributing to the common understanding of the menace and for helping to breath life into collective soultuions.
- 19 Oct 09: APWG Deploys Real-Time Internet Saftey Education Program:
The APWG’s Internet Policy Committee (APWG-IPC) and the Carnegie Mellon Cylab Usable Privacy and Security Laboratory (CUPS) have joined forces to educate consumers about phishing and established the APWG/CMU Phishing Education Landing Page program. The goal of this initiative is to instruct consumers on online safety at the “most teachable moment”: when they have just clicked on a link in a phishing communication.
- 17 Sept 09: UAB Partners with The National White Collar Crime Center:
The University of Alabama at Birmingham (UAB) Department of Justice Sciences has signed a collaborative agreement with the National White Collar Crime Center and the Internet Crime Complaint Center to conduct research on cyber-crime and to create training programs in cyber-crime investigations for law enforcement.
- 27 Jul 09: Secretary General Peter Cassidy addresses the ISTS:
Dartmouth College's Institute for Security, Technology, and Society (ISTS) host the Securing the eCampus conference in Hanover, NH. where Mr Cassidy speaks to "Crimeware's Evolution."
- 17 Jul 09: P. Kumaraguru will present at the Sixth Conference on Email and Anti-Spam.
P. Kumaraguru will be presenting a paper on the APWG’s Phishing Education Landing Page
Program at the Sixth Conference on Email and Anti-Spam on July 17. The presentation will
cover statistics about the landing page and how the initiative came into being.
- 29 Jun 09: APWG Deputy Secretary-General Foy SHiver will speak at the annual FIRST.org meeting in Kyoto, Japan. He will take this
opportunity to update the attendees on the on-going projects like the Accelerated Takedown Initiative, the Consumer Redirect page and the 2H2008 Global
Domain study.
- 21-26 Jun 09: APWG Industry Liaison Rod Rasmussen briefs ICANN constituency meeting - Sydney, Australia
Rod Rasmussen, co-chair of APWG's Internet Policy Committee (IPC) will be
attending ICANN on behalf of the IPC. Rod will be presenting to the Cross-constituency group, the Intellectual Property Constituency, and the
ccNSO. Rod will be discussing the results obtained in the 2H2008 Global Domain study among other APWG programs of interest to ICANN members.
- APWG Internet Policy Committee Co-Chair Laura Mathers post a series about online fraud from the victim's perspective.
In the fraud fighting community it is easy to sometimes lose sight of what it is like to be the victim. In these post Laura attempts to raise
awareness of the frustration and helplessness (in addition to the money loss) that accompanies these crimes.
- 4 Feb 09: APWT Releases new resource document "What To Do If Your Web Site Has Been Hacked by Phishers"
This document is a reference guide for any web site owner or operator who suspects, discovers, or receives notification that its web site
is being used to host a phishing site. The document explains important incident response measures to take in the areas of identification,
notification, containments, recovery, restoration and follow-up when an attack is suspected or confirmed.
|
|
|
|
|
|
|
Anti-Phishing Working Group
The Anti-Phishing Working Group (APWG) is a non-profit global pan-industrial and law enforcement association focused on eliminating the fraud, crime and
identity theft that result from phishing,pharming, malware and email spoofing of all types.
|
|
|
Have You Been Phished?
Do you have a phish story you would like to share to help educate others through our Phishing Trends Report?
Send us a note with this form
|
|
click here for a full listing
|
|
|
|
|