APWG 2007 General Meeting

Report Phishing

click here for a full listing

APWG eCrime Newswire
Powered by Exfacto!

More on APWG's Phishing and
eCrime Newswire Page

2007 APWG General Members Meeting
Pittsburgh, PA
October 2 - 3, 2007

CERT Network Situational Awareness Group

The APWG is pleased to present the 2007 Fall General Meeting. Please join us at this opportunity to bring yourself up-to-date on phishing's evolution across the globe. Count on two full days of presentations, panel discussions and in-depth round-tables.

At this two-day members-only meeting, the APWG will examine crimeware's evolution, the roles of Registrars, Registries and DNS in managing phishing attacks, public health approaches to managing the Botnet scourge, behavioral vulnerabilities and human factors that contribute to phishing's success as well as breaking news on Counter-eCrime tools and resources.

Participants in the eCrime Researchers Summit and the General Members Meeting are invited to the APWG eCrime reception at Carnegie Mellon University on the evening of Wednesday, October 3. Join us for a dinner buffet, drinks, and an eCrime cabaret performance.

APWG Members and Non-Members Please Note: The sessions at the Fall General Meeting are open to APWG Members Only. APWG organizers will vet all registrants that sign up for the conference. Interlopers will not be accomodated. If you haven't already, check membership rules and benefits at: http://www.antiphishing.org/membership.html Membership is open to qualified financial institutions, online retailers, ISPs, the law enforcement community, security solutions providers and research institutions. Members at the individual level and above are eligible to attend conferences.

REGISTRATION NOTICE : Registration for this General Members meeting is for the ONE event on October 2 and 3 and does NOT entitle the registree to attend the eCrime Researchers Summit on October 4 and 5. To also attend that event will require a separate registration, see this page for details.

Registration	Working Agenda	Location Logistics
Call for Presentations		Sponsor Oportunities

Tuesday, October 02

7:30 AM

Breakfast & Registration

8:30 AM

Opening Remarks and Conference Overview

Dave Jevans
Chairman
APWG

Peter Cassidy
Secretary-General
APWG

Global Statistical Overview of Phishing and Crimeware

Bassam Khan
Cloudmark

International Field Reports

Steve Martin Australian High Tech Crime Centre Economic & Special Operations Australian Federal Police

Futoshi Nakada Chair, Council of Anti-Phishing Japan Marketing Director, SecureBrain Corporation

Cristine Hoepers CERT.br Brazil

Dave Woutersen Security Specialist GOVCERT.NL

Morning Break and Kaffee Klatsch

Potent & Emergent Technical Vulnerabilities Report
Siege at the Desktop; Insurgency in Web Space

Web Applications Vulnerabilities Survey and Review

Robert Hansen, CISSP
CEO
SecTheory LLC

Web Applications Vulnerabilities Survey and Review
Weakest Link on the Desktop: Still the User

Jason Milletary
Internet Security Analyst
CERT

Nick Ianelli
Internet Security Analyst
CERT

Jeff Gennari
Internet Security Analyst
CERT

Lunch

Technical, Tactical and Operations Report

eCrime Network For Hire

Yinon Glasner
RSA Security, Inc.

Of BIND and Cache: Potent Technical Vulnerabilities Within BIND 9 Transaction IDs

Amit Klein
Trusteer, Inc.

The ROCK Targets Domain Name Management Systems:
Implications for eCommerce Security

Rod Rasmussen
Internet Identity, Inc.
APWG DNSPWG Co-chair

Phriendly Phishing Landing Page Strategies
Leveraging the Phishimg Victim Experience for Consumer Education

Todd Inskeep, CISSP
Bank of America

Building the Global Crimeware Radar Array

Jacomo Piccolini
Brazilian Academic Research Network CSIRT
CAIS/RNP

Afternoon Break and Kaffee Klatsch

APWG Operational Resources Session

The APWG Contacts Counter-Phishing Signaling and Communication System and Related Federation Issues

Foy Shiver
Deputy Secretary-General
APWG

The eCrime IODEF Extensions for eCrime Event Reporting and Its Implications for Automating eCrime Response Routines

Pat Cain
Cooper Cain, Inc.
APWG Resident Research Fellow

APWG eCrime Event Repository 2.0

Dave Jevans
Chairman
APWG

Working with Law Enforcement Session

Enterprise Forensics and the Private Sector/Law Enforcement Interface

Joel Yusim
IT Project Manager

CISCO

The Cyberpol Proposal
An eScotland Yard for Cybercrime?

Cst. Kathy Macdonald, CPP
Crime Prevention Unit
Calgary Police Service

Industry Collaborations at the Speed of eCrime:
A Colloquy and Call to Action by the National Cyber-Forensics & Training Alliance

Ron Plesco
CEO NCFTA

SSA Tom Grasso
FBI CIRFU at NCFTA

A Special NCFTA Presentation

Stalking the ROCK:
The NCFTA Shares Its Insights Into the Enigmatic ROCK Phishing Group

SSA Mike Eubanks
FBI CIRFU at NCFTA

David Bonasso
Program Director, NCFTA

6:00 PM

Closing Day One and Announcements

7:30 PM

APWG Steering Committee Meeting

Moderator:
Dave Jevans
APWG Chairman

Wednesday, October 03

07:30 AM

Breakfast

08:30 AM

Behavioral Vulnerabilities Session Presentations and Panel

Research Review:
Supporting Trust Decisions Research at Carnegie Mellon

Lorrie Cranor
CyLab
Carnegie Mellon University

You've Been Warned:
An Empirical Study of the Effectiveness of Web Browser Phishing Warnings

Serge Egelman

Anti-Phishing Phil:
The Design and Evaluation of a Game That Teaches People Not to Fall for Phish

Steve Sheng

Morning Break and Kaffee Klatsch

Domain Name System Policy Working Group
Presentations and Panel

This session will give an update on the activities of the Domain Name System Policy Working Group (DNSPWG). The four teams on the DNSPWG will give reports on their respective areas. These updates will include the status of the changes proposed to WHOIS by ICANN, progress in working with registries to suspend domain names used for phishing, best practices being prescribed for registrars and registries, statistics on the use of domain tasting in the phishing industry, an overview of DNSPWG's participation in the June 2007 ICANN meeting, and plans for the October ICANN meeting. In addition, there will be an update on the various documents recently published by this sub-committee.

Moderator:
Laura Mather, Ph.D.
MarkMonitor & DNSPWG Co-chair

Panelists:
Rod Rasmussen
InternetIdentity & APWG DNSPWG Co-chair

Mario Maawad
LaCaixa CSIRT

Pat Cain
Cooper Cain, Inc.
APWG Resident Research Fellow

Greg Aaron
Afilias

John L. Crain
Chief Technical Officer
I.C.A.N.N.

Dave Piscitello
SSAC Fellow
ICANN

David Maher
Senior Vice President
Law & Policy
Public Interest Registry

Mike Rodenbaugh
ICANN
Councilor
Generic Names Supporting Organization

Lunch

APWG Roundtable
Botnets, Network Forensics and the Diplomatic Aspects of the Private Sector/Law Enforcement Interface in eCrime Suppression

Following Botnet Controllers Home:
Infiltrating and Monitoring eCrime Communications

Lawrence Baldwin
My | NetWatchman

The Black Art of Mapping Criminal Actors to Correlative eCrime Events

Andre DiMino
ShadowServer

Fraud 2.0 – How Botnet proxies defeat current credit-card and banking fraud protection

Alisdair Faulkner
Director of Development
ThreatMETRIX

Geopolitical and Diplomatic Aspects of eCrime Networks

Sidney Faber
CERT/NetSA

Panel Discussion:
Ethical, Legal and Techo-diplomatic Challenges to Botnet Mapping and Remediation

Moderator
Randy Vaughn
Baylor University

Panelists:
Gary Warner
University of Alabama at Birmingham

Andre DiMino
ShadowServer

Mike Collins
CERT/NetSA

Don Blumenthal
Infragard - Michigan Chapter

Afternoon Break and Kaffee Klatsch

APWG Roundtable
Plotting Priorities: 2008 and Beyond
APWG members, research partners and thought leaders consider the challenges facing the counter-ecrime community in a number of discrete technical, industrial and political dimensions including Desktop Protection/Hygiene, Security Usability/Consumer Education, Network Protection/Hygiene, DNS Protection/Hygiene, Law Enforcement and Response Strategies. Panelists posit priorities in engaging each of these aspects of the ecrime crisis at hand and consider their costs and consequences with the APWG plenary .

Moderator:
Dave Jevans
Chairman, APWG

Panelists:
Dan Schutzer
Executive Chairman
Financial Services Technology Consortium
Financial Institutions & Transaction Space Strategies and Priorities

Dr Randy Vaughn
Graduate Faculty
Baylor University
Networtk Protection: Hygiene Strategies and Priorities

Craig Spiezle
Director
Microsoft
Desktop Protection:
Hygiene Strategies and Priorities

John L. Crain
Chief Technical Officer
I.C.A.N.N.

Dr. Lorrie Cranor
Cylab
Carnegie Mellon University
Security Usability and User Behavior Strategies and Priorities

Gary Warner
University of Alabama at Birmingham
Private Sector Response Strategies and Priorities

SSA Tom Grasso
FBI CIRFU at NCFTA

Closing Remarks

Dave Jevans
Chairman
APWG

5:00 PM

APWG Field Trip to the NCFTA Labs

APWG Program National Cyber Forensics and Training Alliance has arranged for APWG conferees to tour their Pittsburg laboratories

Registered APWG conference attendees will receive information on sign-up for this trip at the meeting.

5:15 PM

Birds of a Feather Sessions at the NCFTA

Crimeware and Crimeware-Spreading URL Reporting and Data Sharing

Botnet Data Reporting and Data Sharing

7:30 PM

APWG eCrime Fighters Night Out

APWG Conference Week Partner CMU CyLab hosts the evening's dinner, drinks and revelries for all attendees of the General Members Meeting and the eCrime Researchers Summit.

Holiday Inn Select
100 Lytton Avenue
Pittsburgh, PA 15213
US
Tel: +1.412.682.6200
Fax: +1.412.681.4749

This year's General Meeting and all event meetings are being held at the Holiday Inn Select University Center Pittsburgh. Nestled in the center of Pittsburgh's academic, medical and cultural community, the hotel is adjacent to the University of Pittsburgh and walking distance from Carnegie Mellon.

Local Attractions
* Heinz Field & PNC Park
* Andy Warhol Museum
* Phipps Conservatory
* Kennywood Amusement Park
* Sandcastle Water Park
* Mellon Arena
* The Waterfront Shops & Restaraunts
* Station Square Freight House Shops
* Mt. Washington & Duquense Incline
* Shadyside Shopping District
* Soldier's & Sailors Hall
* Southside Nightlife District

Hotel Room Reservations
For reservastions please use 3-letter code "APW" and contact the hotel at 1.800.864.8287 or visit their website. The negotiated APWG discount rate is availalbe for the nights of September 30 through October 6, based on availability. To qualify for the APWG rate registrations must be received before September 14 at 5:00 PM EST. Please mention "APW" when registering for this special rate. After September 14, please contact the hotel directly to determine availability and rate.

Standard Rooms $112 single/double *
(Rate subject to local taxes)

Check In Info / Cancellation Policy
Check-In time is 3:00 p.m. or later. Anyone arriving prior to 3:00pm will be accommodated as soon as possible, but should be advised that there may be a wait. Check-out time is 12 noon. Arrangements can be made for baggage storage with our front desk staff. An advance deposit will be taken at time of booking. Deposit is refundable only if reservation is cancelled 72 hours prior to arrival date. No-shows and reservations cancelled less than 72 hours in advance will be charged in full plus taxes.

* This room rate is not commissionable to travel agents.

For this meeting, the APWG is still developing, reviewing and receiving, proposals for research presentations from the membership and from visiting scholars. Financial institutions, technology, vendors, ISPs, law enforcement representatives and inter-disciplinary study groups working within the APWG research committees are all invited to send their proposals to Secretary-General Peter Cassidy at pcassidy@antiphishing.org.

APWG is offering an opportunity to build relationships while marketing your company to a targeted audience of communications service, technology companies, security companies, regulatory and law enforcement officials and financial institutions during its Fall 2007 General Meeting in October.

Sponsorships are a personal, non-intrusive way of conveying your message. Additionally, your participation can help support activities vital to the overall success of the APWG and its research partners, which ultimately contributes to the success of the entire counter-phishing stakeholders' community.

The following benefits are available to Meeting Sponsors, once your sponsorship is confirmed:

Recognition in on-site signage displayed during the meal or break
Distribution of one giveaway such as a literature pack

There are a number of meal or break sponsorship opportunities available for APWG members who want to use the meetings as an opportunity to communicate their brand and message to members of the APWG and presenters, each either a critical decision maker or a thought leader in his or her own right.

For more information on sponsoring oportunities please contact APWG Deputy Secretary-General Foy Shiver at fshiver@antiphishing.org.

The Anti-Phishing Working Group (APWG) is focused on giving industry stakeholders a confidential forum to discuss phishing issues, define the scope of the phishing problem in terms of hard and soft costs, and share information and best practices for eliminating the problem. Where appropriate, the APWG will also look to share this information with law enforcement. Membership is open to qualified financial institutions, e-commerce companies, the law enforcement community, and industry. Because phishing attacks and email fraud are sensitive subjects for many organizations that do business online, the APWG has a policy of maintaining the confidentiality of member organizations.

The Web site of the Anti-Phishing Working Group is www.antiphishing.org. It serves as a public and industry resource for information about the problem of phishing and email fraud, including identification and promotion of pragmatic technical solutions that can provide immediate protection and benefits against phishing attacks.

The APWG was founded by Tumbleweed Communications and a number of member banks, financial services institutions, and e-commerce providers. It held its first meeting in November 2003 in San Francisco. The APWG, an organization of more than 2500 members and more than 1600 member companies, police and government agencies worldwide was officially established as an independent organization in June 2004, controlled by its executives and board of directors and an advisory steering committee.