Public
  Education
  Initiative		   APWG
  eCrime
  Researchers
  Summit		   Research
  in the
  Internet's
  Interest		   eLENS - APWG
  Forensic Data
  Policy Project		 eCrime  
Reporting  
File Format  
Report Phishing
Vendor Solutions
Consumer Advice
APWG Home
APWG Premium Members:     click here for a full listing
 
 - Home
 - Report Phishing
 - APWG Events
 - Resources
 - eCrime & Phishing News
 - Phishing Education
 - Crimeware Map
 - JOIN THE APWG
 - APWG Member Site
 - Contact Us
 

APWG Global
Research Partners:
 click here for a full listing


APWG eCrime Newswire
Powered by Exfacto!

 
 
 

The Internet Has Never Been More Dangerous

Rogue Anti-Virus, Infected Computers and Malicious Code Break New
Barriers as Electronic Crime’s Sophistication and Ambition Grow Unchecked

  

Rogue anti-malware programs are proliferating at an
unprecedented rate. In H1, 2009, the number of such programs grew 585
per cent.

The number of unique phishing websites detected in June rose
to 49,084, the second-highest number recorded since APWG began reporting
this measurement
download full report here

Consumer Advice on Phishing
Check out the advice we've compiled for consumers on phishing. Visit the Resources pages for more information:
Noted Happenings
 
  • 17 - 18 Nov 09: Secretary General Peter Cassidy addresses the G8's High Tech Crime Subgroup (HTCSG) in Palermo, Italy:
    Mr. Cassidy has been invited to this G8 subgroup's Fall meeting to provide a presentation on APWG's extensions to the Incident Object Data Exchange Format (IODEF) for reporting and processing electronic crime events.
     
  • 18 Nov 09: House Science Subcommittee Approves Bill Increasing NIST's Cybersecurity Authority (Pike & Fischer, 111609)
    The House Science and Technology Subcommittee on Technology and Innovation Nov. 4 approved a bill giving the National Institute of Standards and Technology additional responsibilities for developing cybersecurity standards, including ensuring privacy protection for electronic health records.

    The "Cybersecurity Coordination and Awareness Act" (bill number not available) would require NIST to "develop and implement a plan to ensure coordination within the U.S. government with regard to the development of international cybersecurity technical standards; develop and implement a cybersecurity awareness and education program; and engage in research and development to improve identity management systems," according to a subcommittee statement.
    Full text of the committee print of the bill is available here.
     
  • 19 Oct 09: APWG Deploys Real0Time Internet Saftey Education Program:
    The APWG’s Internet Policy Committee (APWG-IPC) and the Carnegie Mellon Cylab Usable Privacy and Security Laboratory (CUPS) have joined forces to educate consumers about phishing and established the APWG/CMU Phishing Education Landing Page program.   The goal of this initiative is to instruct consumers on online safety at the “most teachable moment”: when they have just clicked on a link in a phishing communication.
     
  • 17 Oct 09: APWG Releases Global Phishing Survey: Domain Name Use and Trends in 1H2009
    This study is a comprehensive analysis of the phishing that took place in the second half of 2008 (2H2008). Highlights include:
    • Phishing attack and uptime statistics for all top-level domains
    • Major phishing gang attacks
    • Domain name registration patterns, and use of subdomains for phishing
    • Other trends pointing to anti-abuse strategies
  • 27 Sept 09: APWG Releases First Half 2009 Phishing Trends Report:
    The APWG's combined report, covering phishing activity during the first half of 2009 is available on our archive page here: APWG Phishing Trends Activity Reports.
     
  • 17 Sept 09: UAB Partners with The National White Collar Crime Center: The University of Alabama at Birmingham (UAB) Department of Justice Sciences has signed a collaborative agreement with the National White Collar Crime Center and the Internet Crime Complaint Center to conduct research on cyber-crime and to create training programs in cyber-crime investigations for law enforcement.
     
  • 27 Jul 09: Secretary General Peter Cassidy addresses the ISTS:
    Dartmouth College's Institute for Security, Technology, and Society (ISTS) host the Securing the eCampus conference in Hanover, NH. where Mr Cassidy speaks to "Crimeware's Evolution."
     
  • 17 Jul 09: P. Kumaraguru will present at the Sixth Conference on Email and Anti-Spam. P. Kumaraguru will be presenting a paper on the APWG’s Phishing Education Landing Page Program at the Sixth Conference on Email and Anti-Spam on July 17. The presentation will cover statistics about the landing page and how the initiative came into being.
     
  • 29 Jun 09: APWG Deputy Secretary-General Foy SHiver will speak at the annual FIRST.org meeting in Kyoto, Japan. He will take this opportunity to update the attendees on the on-going projects like the Accelerated Takedown Initiative, the Consumer Redirect page and the 2H2008 Global Domain study.
     
  • 21-26 Jun 09: APWG Industry Liaison Rod Rasmussen briefs ICANN constituency meeting - Sydney, Australia
    Rod Rasmussen, co-chair of APWG's Internet Policy Committee (IPC) will be attending ICANN on behalf of the IPC. Rod will be presenting to the Cross-constituency group, the Intellectual Property Constituency, and the ccNSO. Rod will be discussing the results obtained in the 2H2008 Global Domain study among other APWG programs of interest to ICANN members.
     
  • 22 May 09: APWG eCrime Research Summit Program Committee extends submission dates
    The Program Committee for the fourth annual APWG eCrime Research Summit announced an extension to the submission dates for papers to this year's event. The full paper abstract registration dates has been extended to June 10 with full papers submissions due June 15. Full White Paper Here . . .
     
  • 11 May 09: APWG Opens it's third annual Counter eCrime Operations Summit
    The APWG opens it Third annual Counter eCrime Operation Summit in Barcelona with a terrific turnout and robust agenda. Read deatails of the program at the link above.
     
  • 20 Apr 09: APWG IPC Co-Chair Laura Mathers moderates the Protecting Consumers panel at the RSA eFraudNetwork
    The eFraoudNetwork is a day where brand owners, law enforcement, and other organizations gather to discuss best practices in fighting online fraud. Other moderators included people from PayPal, the Department of Justice, and the Merchant Risk Council, Bank of America and Yahoo!.
     
  • APWG announces The Emergent Law Enforcement-Network Security Initiative (eLENS) This new project endeavors to take responsibility for helping to bridge the eCrime data-sharing gap between public law enforcement, private network security, investigative intelligence, network measurement and experimentation, and related policy. While the operational lines between these entities is blurring, there is no corresponding policy to guide and coordinate what is occurring informally and on an ad hoc basis. The eLENS effort will initially develop and promote uniform data exchange guidelines that address the full life cycle of information flows: discovery, acquisition, sharing, and disclosure. This will take into account the legality of capturing, observing, and sharing network activity, including the proper roles of the various stakeholders, and observance of evidentiary chain-of-custody principles to ensure resulting actions are ethically and legally actionable. A prospectus of the project is available here.
    •  
  • APWG Internet Policy Committee Co-Chair Laura Mathers post a series about online fraud from the victim's perspective. In the fraud fighting community it is easy to sometimes lose sight of what it is like to be the victim. In these post Laura attempts to raise awareness of the frustration and helplessness (in addition to the money loss) that accompanies these crimes.
    •  
  • 10 Mar 09: APWG Secretary General Peter Cassidy at Council of Europe
    Octopus Interface Conference on Cybercrime - Strasbourg, France Mr. Cassidy discusses the APWG's XML schema for eCrime reporting in a presentation titled, "An eCrime Reporting Lingua Franca" at this conference which is themed "Cooperation against Cybercrime."
     
  • 3 - 5 Mar 09: APWG addresses APCERT Annual General Meeting - Kaohsiung, Taiwan
    Deputy Secretary-General Foy Shiver addresses The Asia Pacific Computer Emergency Response Teams (APCERT) with a briefing on the status of counter e-crime efforts and programs designed to battle both crime and fraud on the internet. The annual conference provides a platform for CERTs in Asia Pacific region to share security information and to build trust relationships.
     
  • 4 Feb 09: APWT Releases new resource document "What To Do If Your Web Site Has Been Hacked by Phishers"
    This document is a reference guide for any web site owner or operator who suspects, discovers, or receives notification that it's web site is being used to host a phishing site. The document explains important incident response measures to take in the areas of identification, notification, containments, recovery, restoration and follow-up when an attack is suspected or confirmed.
     
  • 20 - 22 Jan 09: APWG Secretary General Peter Cassidy at United Nations Office on Drugs and Crime meeting of Core Group of Experts on Identity-Related Crime - Vienna, Austria
    Mr. Cassidy discusses utility of APWG/CMU Phishing Education Landing Page program and the APWG's XML schema for eCrime reports at the final meeting of the core experts group that studying and making recommendations about management of identity related crimes.
     
  • 16 Nov 08: APWG releases Advisary on Subdomain Registries
    This advisory, "Making Waves in the Phisher’ Safest Harbors: Exposing the Dark Side of Subdomain Registries", discusses how phishers now use what we call subdomain registries to provide safe harbors for malicious and criminal activities. The advisory also discusses measures individuals and organizations can consider if they opt to make these harbors less attractive and effective to phishers.
     
  • 3 Nov 08: APWG releases Global Phishing Survey: Domain Name Use and Trends in 1H2008
    This study describes our analysis of a comprehensive database of phishing that took place in the first half of 2008 (1H2008), and is a follow-up to our 2007 study. Specifically, the data in this new report includes all the phishing attacks detected between January 1, 2008 and June 30, 2008, as collected by the APWG and supplemented with additional reports from several phishing feeds and private sources. The APWG phishing repository is the Internet’s most comprehensive archive of e-mail fraud and phishing activity.
      
  • 27 Oct 08: Anti-Phishing Best Practices Recommendations for Registrars
    The purpose of this document is to provide a set of recommendations to the domain registrar community that can substantially reduce the risk and impact of phishing on consumers and business worldwide. The recommendations focus on 3 areas where registrars can be of assistance: Evidence Preservation for Investigative Purposes, Proactive Fraud Screening and Phishing Domain Takedown.
     
  • 8 Oct 08: FTC Warnes Consumers to Avoid Fake E-mails Tied to Bank Mergers
    Consumers are warned not to take the bait. The FTC has advice about how to stay on guard against this type of scam. To learn more, see the consumer alert “Bank Failures, Mergers and Takeovers: A ‘Phish-erman’s Special,’” at http://www.ftc.gov/bcp/edu/pubs/consumer/alerts/alt089.shtm.
      
    		•

     

    Anti-Phishing Working Group
    The Anti-Phishing Working Group (APWG) is the global pan-industrial and law enforcement association focused on eliminating the fraud and identity theft that result from phishing,pharming and email spoofing of all types.


    Have You Been Phished?
    Phish Stories
    Do you have a phish story you would like to share to help educate others through our Phishing Trends Report?
        Send us a note with this form
     

    APWG Sponsoring Members:
      click here for a full listing