Public
  Education
  Initiative		   eCrime
  Research		   Research
  in the
  Internet's
  Interest		  Wireless
 Device Fraud
 Working
 Group		 eCrime  
Reporting  
File Format  
Report Phishing
Vendor Solutions
Consumer Advice
APWG Home
APWG Premium Members:     click here for a full listing
 
 -- Home
 -- Report Phishing
 -- APWG Events
 -- Resources
 -- eCrime & Phishing News
 -- Phishing Education
 -- Crimeware Map
 -- JOIN THE APWG
 -- APWG Member Site
 -- Contact Us
 

APWG Global
Research Partners:
 click here for a full listing

 
 
 

Brands Targeted by Cybercrime Gangs Reach All-Time High in April

  

The number of brands targeting by phishing attacks sustained an all-time high of 428 in April of this year, the second record-breaking quarter for cybercrime brand abuse this year

download full report here
   

Consumer Advice on Phishing
Check out the advice we've compiled for consumers on phishing. Visit the Resources pages for more information:

Noted Happenings
  • October 23 2012: APWG Releases Global Phishing Survey: Domain Name Use and Trends in 1H2012
    Published October 23 2012, this study is a comprehensive analysis of the phishing that took place in the first half of 2012 (1H2012). Highlights include:
    • Average uptimes of all phishing attacks dropped to a record low, but the number of phishing attacks rose.
    • Phishers hacked into shared hosting more often, and used subdomain registration services more than regular domain registrations.
    • Phishing dropped in China, and server compromises rose in South America.
      •  
  • October 04 2012: APWG talks data sharing at IT Security Automation event
    APWG Resident Research Fellow Patrick Cain will be presenting at the 8th Annual IT Security Automation Conference in Baltimore, MD, USA, on October 4, 2012. His presentation, in the Incident Handling Track, is titled "What works, didn't work, and still needs to get working in data sharing".
     
  • October 09 2012: APWG Keynotes First Awareness Conference for the Protection of Critical Infrastructures and Cybersecurity in Buenos Aires
    APWG Secretary General Peter Cassidy addresses Argentina's Oficina Nacional de Tecnologías de Información conference, discussing unifying strategies for global cybersecurity awareness messaging and other response instrumentation for cybercrime management on a global scale.
     
  • Sept 20-21 2012: APWG Addressing Organization for Security and Cooperation in Europe's Police Experts' Meeting
    APWG Secretary General Peter Cassidy is addressing OSCE's meeting in Vienna, Austria on cybercrime prevention and improving collaboration between commercial and law enforcement sectors.
     
  • Sept 18 2012: APWG Advising The Commonwealth Cybercrime Initiative
    APWG Secretary General Peter Cassidy is working with Commonwealth of Nations Cybercrime Initiative in London, UK; CCI Steering Group member, Mr. Cassidy, will be sharing insights on APWG data logistics and educational programs to inform CCI's capacity building regimes for Commonwealth countries.
     
  • August 18 2012: Team APWG Completes Tough Mudder Toronto
    Team APWG participated in the Tough Mudder Toronto. Tough Mudder events are hardcore 10-12 mile obstacle courses designed by British Special Forces to test your all around strength, stamina, mental grit, and camaraderie. Tough Mudder is a charity event that has raised more than $3 million dollars for the Wounded Warrior Project.
     
  • August 15 2012: APWG Opens Registration for eCrime 2012
    APWG is proud to announce Registration is open for eCrime 2012, the four day combined event that includes the 2012 Fall General Meeting, eCrime Researchers Summit, and ICANN DNS Security, Stability and Resiliency Symposium scheduled October 22 - 25 in Puerto Rico, US.
    Full Details Here . . .
     
  • July 19 2012: APWG releases its Phishing Trends Report for 1Q 2012
    This report shows targeted brands reaching a new high. Find the latest report and all previous reports here . . .
     
  • May 25 2012: APWG releases its Phishing Trends Report for 2H 2011
    This report shows scammers working harder to fool cybercrime savvy consumers. Find the latest report and all previous reports here . . .
     
  • 26 Apr 12: APWG Releases Global Phishing Survey: Domain Name Use and Trends in 2H2011
    This study is a comprehensive analysis of the phishing that took place in the second half of 2011 (2H2011). Highlights include:
    • Average uptimes of all phishing attacks dropped notably
    • Phishers used subdomain registration services more than regular domain registrations
    • Phishing surged in China, and Taobao.com became the world’s #1 phishing target
      •  
  • Dec 23 2011: APWG releases its Phishing Trends Report for 1H 2011
    This report shows a huge increase in Classified add attacks. Find the latest report and all previous reports here . . .
     
  • Nov. 9, 2011: FBI announce Operation Ghost Click
    Arrest Six Estonian nationals who were part of an International Cyber Ring That Infected Millions of Computers
    http://www.fbi.gov/news/stories/2011/november/malware_110911/malware_110911
     
  • 7 Nov 11: APWG Releases Global Phishing Survey: Domain Name Use and Trends in 1H2011
    This study is a comprehensive analysis of the phishing that took place in the second half of 2011 (1H2011). Highlights include:
    • Average and median uptimes of all phishing attacks dropped notably
    • More than a third of all phishing attacks involved hackings of shared virtual servers
    • Phishers continue to use subdomain registration services heavily
    • Attacks by Chinese phishers were up significantly
       
  • Nov. 22, 2011: APWG Secretary General is speaking on a plenary panel at the meeting of the Convention on Cybercrime OCTOPUS conference at the Council of Europe, discussing the future of cooperation against cybercrime.
     
  • Nov 1, 2011: APWG Resident Research Fellow Pat Cain appears at the National Institute of Standards and Technology's 7th Annual IT Security Automation Conference in Crystal City, Virginia to speak on Unified eCrime Event Reporting With the APWG Adventures in Information Sharing: Now and for the Future.
     
  • Oct 18, 2011: APWG Secretary General Peter Cassidy is participating in a Cybersecurity Partners Breakfast on cybercrime threats against the national economy, financial markets and IT infrastructure with DHS Secretary Janet Napolitano at the NASDAQ's offices in New York City.
     
  • July 26, 2011: APWG Secretary General is assisting the Chairman of the Federal Communications Commission on the development of the Cybersecurity Plan Wizard for small businesses enterprises at a meeting in Washington, DC at the FCC's offices.
     
  • July 19, 2011:APWG Secretary General appears at Privacy Security Trust 2011 in Montreal, speaking on The Public Health Model of Information Security.
     
  • July 21, 2011: APWG Secretary General appears at the Canadian Department of Justice in Ottawa, speaking on Toward a Public Health Model for eCrime Response and Management
     
  • June 27, 2011: DHS Announces STOP. THINK. CONNECT Contest Winner
    APWG Secretary General and Stop Think Connect Messaging Convention director Peter Cassidy represents the APWG at a White House event, announcement of the Stop Think Connect Public Service Announcement challenged sponsored by Department of Homeland Security. (Mr Cassidy was principal author of the Messaging Convention program plan, drafted in April, 2009 with NCSA.)
     
  • June 14, 2011: APWG addresses the 17th Annual FIRST (first.org) conference
    APWG Resident Research Fellow Patrick Cain addresses the 17th Annual FIRST (first.org) conference of national and corporate CERT teams in Vienna, Austria. Cain's talk, entitled Interesting Things in APWG Statistics used a number of APWG statistical reports to identify and discuss phishing trends over the past five years and their causes.
     
  • June 8, 2011: APWG Secretary General receives award
    APWG Secretary General Peter Cassidy was awarded the annual Internet Superhero Award of 2011 by WiredSafety for his efforts on behalf of the APWG at the Annual WiredKids Summit at the Russell Senate Office Building.
     
  • June 3 2011: APWG releases new Web Vulnerabilities Survey
    This briefing memorandum discusses the initial analysis of a wide-ranging survey of enterprises whose websites had been hacked. Its organizing motive is to understand the web site operating environments that are abused by cybercrime gangs, the nature of the attacks, and actions the victim took in response to obtain a clearer understanding of attacker methodologies and target preferences.
     
  • May 4 2011: 2011 NCSA K-12 State of Cybersecurity Education survey
    The survey shows that there is still very little being taught in the classroom regarding cybersecurity, cybersafety and cyberethics. Primary reasons for this (other than lack of classroom time) are that teachers don’t feel comfortable addressing most of the subjects – including topics like cyberbullying, how to protect personal information and using passwords – and that they haven’t much in the way of professional development. The good news is that they most teachers feel these issues are important to address and they are interested in receiving the professional development.
     
  • Mar 24 2011: APWG's addresses APCERT Annual Meeting
    During this years annual APCERT Meeting in JeJu, Korea Deputy Secretary-General Foy SHiver will present an overview of APWG ongoing initiatives, the ongoing evolution of cyber crime and new motivations behind a new World Health Organization approach to electronic crime and security.
     
  • Feb 15 - 16 2011: APWG events for RSA 2011 in San Francisco
    This year during RSA week in San Francisco the APWG will host one Reception on Tuesday the 15th and two meetings on Wednesday the 16th. At 5:30PM on Tuesday the 15th the APWG will host a reception at 111 Minna Gallery. On Wednesday the 16th Steering Committee member Microsoft will host a meeting of the Internet Policy Committee followed by a formal Steering Committee Meeting at their offices in San Francisco. Members should contact Foy or Peter with any questions.
     
  • Jan 20 2011: APWG opens registration for new one day Research focused event, University College Dublin
    The eCrime Researchers Sync-Up is a new annual event established to help promote the existing research initiatives at the APWG. Hosted at University College Dublin on March 15 and 16, 2011 it will constitute a two-day exchange of presentations and discussions related to eCrime research in progress - and for networking of researchers within the disciplines that are defining the eCrime field of study today. Call For Papers . . .
     
  • Nov 2010: APWG Announces Counter eCrime Operations Summit in Kuala Lumpur
    The fifth annual Counter-eCrime Operations Summit (CeCOS V) will engage questions of operational challenges and the development of common resources for the first responders and forensic professionals. This three-day conference is to be held the end of April 2011 in Kuala Lumpur, Malaysia at the Crown Plaza Hotel. More here . . .
     
  • Oct 2010: APWG Resident Research Fellow Patrick Cain gave the keynote presentation at the 6th COLARIS
    APWG Resident Research Fellow Patrick Cain gave the keynote presentation at the 6th COLARIS (COngresso Latinmaericano de Respuesta a Incidents de Seguridad) in Lima, Peru. COLARIS, sponsored by Telefonica, brings together security professionals from across South America. Mr. Cain spoke on "The Evolution of phishing, fraud, and eCrime and a Plan for the Future", stressing that good user education and not technology is the answer to user protection.
     
  • 4 - OCT 10: : STOP. THINK. CONNECT.™: Broad Government, Industry and Non-Profit Coalition Unveils First-Ever Coordinated Online Safety Message
    An unprecedented coalition of government, industry and non-profit organizations today unveiled the first-ever unified public awareness message to help all digital citizens stay safer and more secure online. Press Release . . .
     
  • 1 - OCT 10: : Presidential Proclamation--National Cybersecurity Awareness Month
    Today President Obama announces National Cybersecurity Awareness Month and makes mention of the joint APWG/NCSA program to establish a national cyber security awareness campaign "STOP, THINK, CONNECT". Details here on the The White House web site.
     
  • 14 - SEP 10: CNCERT/CC and FIRST Technical Colloquium Beijing, China:
    On September 14th Deputy Secretary-General Foy Shiver will speak at the CNCERT/CC and FIRST.org Technical Colloquim held in Beijing, China. See program details here. . .
     
  • 23 - AUG 10: IEEE promotes APWG program for eCrime Research:
    The APWG announced today that the IEEE Standards Association (IEEE-SA) will sponsor its eCrime Fighter Scholarship Program this fall at its eCrime Researchers Summit in Dallas, the APWG’s annual peer-reviewed research conference dedicated exclusively to ecrime research. Full Details . . .
     
  • 16 - JUN 10: APWG Secretary General Peter Cassidy addresses the IEEE Standards Association at the IEEE-SA's annual board meeting in New Brunswick, NJ:
    Mr. Cassidy will speak to the IEEE-SA on "Data Logistics Challenges to Engaging the Global Electronic Crime Network."
     
  • 1 June 10: APWG Joins "Day of Action" against mass-market fraud
    The APWG is joining law enforcement and regulatory authorities in five nations around the world in a multinational “Day of Action” against mass-market fraud by committing its data logistics resources and consumer education programs to their international awareness and response effort. APWG's release available here.
     
  • 09 April 10: APWG Post 20th language to Education Redirect site:
    Today the APWG posted the translated site for Norwegian, the 20th language to be supported. This site helps educate users that were duped into following a malicious link. The Education Redirect program points out the mistake and provides some easy tips to avoid becoming a victim of electronic fraud and crime.
    Program Details
    New Norweagan Page
     
  • 24 Mar 10: Secretary General Peter Cassidy addresses the Council of Europe in Strasbourg, France:
    Mr. Cassidy has been invited to the Octopus Interface conference on Cooperation against cybercrime to present on data logistics and data logistics aspects of reporting and exchanging ecrime event data, focusing on the APWG's extensions to the Incident Object Data Exchange Format (IODEF) for reporting and processing electronic crime events. The program agenda is available on the COE's site here.
     
  • 24 Mar 10: Cybersecurity Bill Approved:
    The Senate Commerce Committee Wednesday approved legislation to improve how the federal government and the private sector deal with cyber attacks. Approved by voice vote, the bill would raise the priority of cybersecurity throughout the federal government and streamline cybersecurity-related functions. (full details here)
     
  • 18 MAR 2010: JPCERT/CC the Anti-Phishing Council Japan and JAIPA announce education effort:
    Today JPCERT/CC in conjunction with the Anti-Phishing Council Japan and Japan Internet Providers Association (JAIPA) announce a joint effort to promote the APWG's Education Landing Page Program. Through JAIPA's wide out reach, more than 300 ISP members of this association and JPCERT/CC will work with ISPs and hosting providers to use the APWG's landing page when removing phish contents from their own network. This effort will help promote end user education and help deter criminal efforts against the Japanese public. Details in the official press release can be found at:
    http://www.antiphishing.jp/information/information1056.html
    http://www.jaipa.or.jp/topics/?p=306
     
  • 5 MAR 2010: NCSA & APWG Host Consumer Messaging Meeting:
    On Mar 5th the APWG in conjunction with our partner the NCSA will host the next meeting of the Consumer Security and Safety Messaging Convention. This meeting will be held in San Franciso during the annual RSA week. Program Details here . . .
     
  • 27 & 28 Jan 10: APWG address JPCERT/CC:
    JPCERT/CC, the first CSIRT established in Japan, will host two one day Anti-Phishing Seminar's in Tokyo and Osaka on January 27 & 28 2010. APWG Deputy Secretary-Genearl Foy Shiver will address the audiences to present the numerous ongoing APWG initiatives and discuss the status of Phishing, Fraud and Electronic crime in today electronic dominated business environment.
     
  • 15 Jan 10: APWG Secretary General Peter Cassidy speaks at Booz Allen Hamilton:
    Mr. Cassidy has been invited to this present a talk on "Data Logistics Requirements for Engaging the Global Electronic Crime Plexus" by Booz Allen Hamilton's Information Assurance and Law Enforcement Technical Focus Groups.
     
  • 17 - 18 Nov 09: Secretary General Peter Cassidy addresses the G8's High Tech Crime Subgroup (HTCSG) in Palermo, Italy:
    Mr. Cassidy has been invited to this G8 subgroup's Fall meeting to provide a presentation on APWG's extensions to the Incident Object Data Exchange Format (IODEF) for reporting and processing electronic crime events.
     
  • 18 Nov 09: House Science Subcommittee Approves Bill Increasing NIST's Cybersecurity Authority (Pike & Fischer, 111609)
    The House Science and Technology Subcommittee on Technology and Innovation Nov. 4 approved a bill giving the National Institute of Standards and Technology additional responsibilities for developing cybersecurity standards, including ensuring privacy protection for electronic health records.

    The "Cybersecurity Coordination and Awareness Act" (bill number not available) would require NIST to "develop and implement a plan to ensure coordination within the U.S. government with regard to the development of international cybersecurity technical standards; develop and implement a cybersecurity awareness and education program; and engage in research and development to improve identity management systems," according to a subcommittee statement.
    Full text of the committee print of the bill is available here.
     
  • 21 Oct 09: APWG Awards 2009 Thought Leader Awards:
    At its annual Counter eCrime Researchers Summit the APWG awarded the 2009 Thought Leadership Awards to Laura Mathers of Silver Tail Systems and Rod Rasmussen of Internet Identity. This award is giving to individuals that display a talent for giving expression to the eCrime threats thus contributing to the common understanding of the menace and for helping to breath life into collective soultuions.
     
  • 19 Oct 09: APWG Deploys Real-Time Internet Saftey Education Program:
    The APWG’s Internet Policy Committee (APWG-IPC) and the Carnegie Mellon Cylab Usable Privacy and Security Laboratory (CUPS) have joined forces to educate consumers about phishing and established the APWG/CMU Phishing Education Landing Page program.   The goal of this initiative is to instruct consumers on online safety at the “most teachable moment”: when they have just clicked on a link in a phishing communication.
     
  • 17 Sept 09: UAB Partners with The National White Collar Crime Center: The University of Alabama at Birmingham (UAB) Department of Justice Sciences has signed a collaborative agreement with the National White Collar Crime Center and the Internet Crime Complaint Center to conduct research on cyber-crime and to create training programs in cyber-crime investigations for law enforcement.
     
  • 27 Jul 09: Secretary General Peter Cassidy addresses the ISTS:
    Dartmouth College's Institute for Security, Technology, and Society (ISTS) host the Securing the eCampus conference in Hanover, NH. where Mr Cassidy speaks to "Crimeware's Evolution."
     
  • 17 Jul 09: P. Kumaraguru will present at the Sixth Conference on Email and Anti-Spam. P. Kumaraguru will be presenting a paper on the APWG’s Phishing Education Landing Page Program at the Sixth Conference on Email and Anti-Spam on July 17. The presentation will cover statistics about the landing page and how the initiative came into being.
     
  • 29 Jun 09: APWG Deputy Secretary-General Foy SHiver will speak at the annual FIRST.org meeting in Kyoto, Japan. He will take this opportunity to update the attendees on the on-going projects like the Accelerated Takedown Initiative, the Consumer Redirect page and the 2H2008 Global Domain study.
     
  • 21-26 Jun 09: APWG Industry Liaison Rod Rasmussen briefs ICANN constituency meeting - Sydney, Australia
    Rod Rasmussen, co-chair of APWG's Internet Policy Committee (IPC) will be attending ICANN on behalf of the IPC. Rod will be presenting to the Cross-constituency group, the Intellectual Property Constituency, and the ccNSO. Rod will be discussing the results obtained in the 2H2008 Global Domain study among other APWG programs of interest to ICANN members.
     
  • APWG Internet Policy Committee Co-Chair Laura Mathers post a series about online fraud from the victim's perspective. In the fraud fighting community it is easy to sometimes lose sight of what it is like to be the victim. In these post Laura attempts to raise awareness of the frustration and helplessness (in addition to the money loss) that accompanies these crimes.
     
  • 4 Feb 09: APWT Releases new resource document "What To Do If Your Web Site Has Been Hacked by Phishers"
    This document is a reference guide for any web site owner or operator who suspects, discovers, or receives notification that its web site is being used to host a phishing site. The document explains important incident response measures to take in the areas of identification, notification, containments, recovery, restoration and follow-up when an attack is suspected or confirmed.
     

 
STOP|THINK|CONNECT

 
Anti-Phishing Working Group
The Anti-Phishing Working Group (APWG) is a non-profit global pan-industrial and law enforcement association focused on eliminating the fraud, crime and identity theft that result from phishing,pharming, malware and email spoofing of all types.


Have You Been Phished?
Phish Stories
Do you have a phish story you would like to share to help educate others through our Phishing Trends Report?
    Send us a note with this form
 

APWG Sponsoring Members:
  click here for a full listing