Blog

blog search
sidebar cats

Phishing ended 2023 with a bang

Statistical Insights into the global Cybercrime experience, dns abuse, domain name abuse

For the 3-month period ending January 31, 2024, Interisle Consulting Group processed a staggering 1M reports at our Cybercrime Information Center from our phishing feeds (a 19% increase over the prior quarter). These resources abetted…

Taking Back Cyberspace From the Cybercrime Plexus

Events

APWG 2024 eCrime Conference Focuses on Rolling Back Digital Chaos That’s Come to Rule the Internet and Its Animating Infrastructure in the Last 20 Years This year’s Symposium on Electronic Crime Research (eCrime 2024) in…

APWG Q4 Report Finds 2023 Was Record Year for Phishing

Statistical Insights into the global Cybercrime experience

APWG Members Witnessing Troubling New Surges in Phone-Based Cybercrime CAMBRIDGE, Mass., April 16, 2024 – The APWG’s Q4 2023 Phishing Activity Trends Report reveals that the APWG observed almost five million phishing attacks in 2023, making it…

APWG Provides Awareness and Alerting Utilities to Industry and Consumers for Cybersecurity Awareness Month 2022

Detection and/or mitigation of Cybercrime

APWG’s Counter-cybercrime R&D Forge Proffers Programs for Education, Awareness and Alerting Every Day of the Year 

<a class="use-lightbox floated-featured-image img-responsive pull-right tl-html" style="color: var(–brand-color-link);text-decoration: none;float: right;font-family: Montserrat, sans-serif" title="" href="https://cdn.newswire.com/files/x/d0/55/b775e2cbc0420219b1ec421b0f08.jpg" rel="noopener" data-alt="SEE CYBERCRIME | REPORT CYBERCRIME – An APWG Global Reporting Program" data-caption="SEE CYBERCRIME | REPORT CYBERCRIME – An APWG Global Reporting Program" data-original-title="SEE CYBERCRIME | REPORT CYBERCRIME – An APWG Global Reporting Program


SEE CYBERCRIME | REPORT CYBERCRIME – An APWG Global Reporting Program”>

In support of Cybersecurity Awareness Month 2022, APWG is reminding all counter-cybercrime communities of the awareness, education and cybercrime-reporting utilities that the global association maintains for industry and consumers worldwide.

This year’s CSAM campaign theme — See Yourself in Cyber — speaks directly to APWG cybercrime suppression objectives, including the CSAM imperative for 2022 to recognize and report phishing — a cybersecurity standard operating procedure (SOP) that APWG enabled programmatically in 2004 with its phishing mail reporting service — the same year CSAM was established by presidential declaration.

The APWG’s three awareness and education programs for industry and consumers support that the activist motivations of the CSAM 2022 campaign are: 

Pull the Alarm: Report Phishing to reportphishing@apwg.org and Be the First to Point to the Bad Guys

The APWG Report Phishing forward program has routed billions of phishing email lures to industrial processes and analysts since it was formally established in 2004, a mechanism used by the general public, commercial enterprises, national governments and multilateral treaty organizations worldwide. Currently, the Report Phishing forward service processes a half million reports per month.

If you have received a suspicious or obviously malicious phishing email, you can forward those to APWG for analysis and processing by APWG member companies and institutions.

The best way to do this is to simply forward the suspected phishing email to reportphishing@apwg.org. Forwarding suspected phishing emails to APWG contributes directly to fraud and crime prevention services to protect users and track criminal activity. 

If your email client supports the option to “Forward As Attachment,” please use it as this will provide APWG’s systems with more detail for our member institutions to trace and monitor phishing websites.

All data is handled responsibly and under contract with the APWG-vetted member community. 

APWG Proffers Awareness Jujitsu for Web Hosting Industry: Replace Phishing Pages With Educational Messaging

In 2009, APWG and the Carnegie Mellon CyLab Usable Privacy and Security Laboratory (CUPS) established a redirect utility for ISPs that forwards users clicking on links to decommissioned phishing web pages to a special page of educational tips and advice.

The Phishing Education Landing Page replaces phishing pages with a redirect script that sends users to educational instruction when they click on phishing URLs — instead of a confusing and largely blank Error 404 message.

As part of the process for shutting down a phishing website, APWG requests that ISPs, registrars, and parties with control of a phishing page to redirect visitors to phishing websites to the Phishing Education Landing Page at http://education.apwg.org/r

The APWG CMU Phishing Education Landing Page has been in continuous operation since 2009, reminding millions of credulous consumers to take care in their web-borne travels. The educational messaging is presented in one of 21 languages, calibrated to the language settings of users’ browsers.

The STOP. THINK. CONNECT. Cybersecurity Awareness Campaign Provides Tested Messaging for Reminding Users of Best Cyber Practices

The STOP. THINK. CONNECT. program is a cybersecurity public awareness campaign of shared assets promoted by industry, NGOs and national government deployments — and through cooperative relationships with multilateral treaty organizations. Currently, the campaign is deployed in dozens of countries

STOP. THINK. CONNECT. was conceived and initially proposed as a Messaging Convention by the APWG to its members in 2008 as a way to optimize user awareness and education by unifying the cybersecurity awareness messaging they receive and reducing the clutter of uncoordinated, inconsonant efforts. 

The campaign has been deployed by cabinet ministries, national CERTs, government agencies and NGOs in some 25 nations —  the first in the United States in 2010. Most recently, the Messaging Convention has completed cooperative agreements with ministries in South America and Central Asia. See: https://messagingconvention.org/national-curators

The STOP. THINK. CONNECT. slogan and badge and advisory suite is a complete package for a national, regional or localized cybersecurity awareness campaign and is offered at no cost and with no restriction on educational uses of the assets.

Global Online Scam Summit II

Events

Goal of the 1st Global Online Scam Summit (GOSS) is to let Consumer Protection Agencies, Law Enforcement Bureaus, Governments, NGOs and Commercial Organizations work together to fight online fraud more effectively on a global scale…

eCrime 2020 Research Papers

Uncategorised

The research papers to be published in conjunction with the Virtual 2020 Symposium on Electronic Crime Research have been selected.  Register and join the event to be hosted November 16 – 19, 2020 to see…

Symposium on Global Cybersecurity Awareness

Events, Link

Join us for the APWG.EU’s fifth annual Symposium on Global Cybersecurity Awareness by sharing your expertise and informing our efforts to make cybersecurity awareness and education a primary global defense and prevention mechanism against cybercrime…

EU Symposium on Electronic Crime Research 2020

Events, Link

eCrimeEU 2020 is being presented in collaboration with INTERPOL, the official host of the event at the agency’s headquarters in Lyon, France this Spring. This event will present state-of-the-art research into cybercrime investigations, forensic techniques…

NPOL RSA Conference 2020

Events

Meet and mingle with industry, policy and government leaders in security and privacy at the Nonprofits on the Loose soirée. Enjoy good food, drink and music while networking and having a great time.

eCrimeEU 2019 – Symposium on Electronic Crime Research

Events, Link

This year ́s eCrimeEU will present and consider current research projects on cybercrime investigations, forensic techniques and infrastructure defense against cyber-attacks and manipulation. The symposium’s operational and research insights for fighting electronic crime will be…

2018 Q3 – Phishing Activity Trends Report

Uncategorised

Summary Phishing that targeted cloud storage and file hosting sites fell, while phishing against payment processors and banks remained high Phishing remains most prevalent in the old, large gTLD .COM. But phishing is higher than…

2018 Q4 – Phishing Activity Trends Report

Uncategorised

Summary The number of confirmed phishing sites declined as 2018 proceeded. Detection of phishing sites has become harder because phishers are obfuscating phishing URLs with multiple redirections. Phishing that targeted SaaS and webmail services doubled…

2019 Q1 – Phishing Activity Trends Report

Uncategorised

Summary Phishing that targeted Software-as-a-Service (SaaS) and webmail services became the biggest category of phishing. At 36 percent of all phishing attacks, it eclipsed phishing against the payment services category for the first time. The…

APWG.EU Bucharest Symposium on Cybersecurity Awareness

Events, Link

The fourth annual Symposium on Cybersecurity Awareness explores the exchange of best practices for cybersecurity awareness campaign deployment at the national and transnational levels.  Join us in Bucharest, Romania on June 26 – 27, 2019.

FloCon 2018

Events

FloCon provides a forum for exploring large-scale, next-generation data analytics in support of security operations. FloCon is geared toward operational analysts, tool developers, researchers, security professionals, and others interested in applying cutting-edge techniques to analyze…

LACNIC / LACNOG

Events

More information LACNIC – LACNOG one of the most important Internet events in the region that brings together experts and representatives of academia, civil society, the private sector, governments, and the telecommunications industry. The event…

CODE BLUE 2018

Events

CODE BLUE, hosted in Tokyo October 29 & November 2, 2018, is an international conference where the world’s top class information security specialists gather to give cutting edge talks, and is a place for all…

SEGURINFO

Events

La trigésimo quinta edición del Congreso, SEGURINFO, promete continuar con sus aportes a la comunidad en un ámbito de creciente importancia a nivel mundial, como lo es la seguridad de la información. La intención de este…

WHOIS Tiered Access and Accreditation Program

Uncategorised

ICANN Org has proposed an accreditation program to provide tiered access to non-public WHOIS data. This program would involve “codes of conduct which would establish the standardized criteria, limitations, and responsibilities for granting access to non-public…

ICANN’s Temporary Specification Survey

Uncategorised

To: Goran Marby, CEO, ICANN Cherine Chalaby, COB, ICANN Rod Rasmussen, Chairman, ICANN SSAC From: Dave Jevans, on behalf of the Anti-Phishing Working Group Members and Board of Directors Dear Sirs, The AntiPhishing Working Group…

The New Face of Phishing

Uncategorised

DAVE PISCITELLO, VP SECURITY, ICANN AND APWG BOARD OF DIRECTORS Phishing has long been associated with cybercrimes that use deception – particularly, social engineering – to dupe victims into disclosing personal or financial account data. Once disclosed,…

How the GDPR affects our data sharing efforts.

Uncategorised

For the past several months we’ve all heard about the new European Union (EU) privacy law that went into effect a few weeks ago – the General Data Protection Regulation (GDPR)(EU-2016/679). Some parties had suggested…