membership

Report Phishing

Report phishing emails, pharming sites and crimeware to the Anti-Phishing Working Group and help stop this insidious threat to e-commerce. Click "Report Phishing" link below for instructions.
--  Home
--  Report Phishing
--  APWG Events
--  Resources
--  eCrime & Phishing News
--  Phishing Education
--  Crimeware Map
--  Membership
--  APWG Member Site
--  Contact Us
--  JOIN THE APWG
 
APWG Global
Research Partners:

 

 
APWG eCrime Newswire
Powered by Exfacto!
 

 
 
 
Note: A discounted Student registration rate is availaibe.
Contact admin@antiphishing.org for details
 
Technical Sponsor

 
Silver Level Sponsor
Afilias
 
Silver Owl Student Scholarship Sponsor
MarkMonitor

http://www.sei.cmu.edu/
 
Meeting Focus

The APWG is pleased to present the 2008 Fall General Meeting. Please join us at this opportunity to bring yourself up-to-date on phishing's evolution across the globe. Count on two full days of presentations, panel discussions and in-depth round-tables with a review of the last five years of meetings and deliverables. As well, we will look into the future of APWG for guidance from our eclectic member base.

At this two-day members-only meeting, the APWG will examine crimeware's evolution, the roles of Registrars, Registries and DNS in managing phishing attacks, public health approaches to managing the Botnet scourge, behavioral vulnerabilities and human factors that contribute to phishing's success as well as breaking news on Counter-eCrime tools and resources.

APWG Members and Non-Members Please Note: The sessions at the Fall General Meeting are open to APWG Members Only. APWG organizers will vet all registrants that sign up for the conference. Interlopers will not be accommodated. The accompanying eCrime Researchers Summit is a public event open to all registrations. If you haven't already, check membership rules and benefits at: http://www.antiphishing.org/membership.html Members at the individual level and above are eligible to attend conferences.
 
Program Overview

Presentations at the opening of the program will be delivered by ecrime responders within the APWG, its Global Research Partners and law enforcement personnel who will discuss national and regional ecrime trends and individual case studies about resolving specific electronic crime cases. Presenters will come from the ranks of private industry, private security companies, public law enforcement agencies, government agencies and national Computer Emergency Response Teams (CERT). True crime stories will be balanced with instruction about the skills the responders exercise as well as the data and tools employed to resolve phishing attacks.

APWG principals, research fellows and Global Research Partners will detail survey the eCrime landscape and present proposals for organizing global responses that will harmonize efforts of eCrime respondents and organize the work of securing the global network infrastructure. Furthermore, presenters will examine the development ecrime data exchange specifications and how they can be employed to optimize counter-ecrime applications. Presentations about industrial policy will investigate industrial policies that complicate the work of exploited brand holders and responders - such as the segments of domain name system (DNS) registration process that is abused by phishers as part of their phishing campaigns.
 
Program Deliverables

Though instruction is always an APWG priority, the other defining goal is to identify common forensic needs - in terms the data, tools and communications protocols that are required to inform and facilitate time-sensitive communications between counter-ecrime stakeholders.

APWG has surveyed a lot of proposals and all have merit but required some harmonization of effort in order to make them maximally useful. APWG hopes that at the end of the program, the ensuing dialog will produce defined projects to organize data, tools and communications protocols that are required by the larger counter-ecrime community.
 
Working Agenda 
(Under Construction and subject to change)
   
Tuesday, October 14
** Note that Tuesday's schedule is closed to non-APWG Members**
 
08:00 Registration and Breakfast
 		    

Conference Introduction and 2008 Global eCrime Field Survey
09:00 Welcome
 Conference Introduction and Institutional Retrospective

Dave Jevans
Chairman
APWG

Peter Cassidy
Secretary General
APWG
 

  
09:15   Global Overview of Phishing and eCrime Trends Dave Jevans
Chairman
APWG
 		  
09:30   Global Field Reports
 		 Katsuya Uchida
Institute of Information Security (Japan) & Council of Anti-Phishing Japan
 
Andrey Nikishin
Kaspersky Lab (Russia)
 
Cristine Hoepers
CERT.br (Brazil)
 		  
10:45  Break
 		  
11:15   Grid Computing as an Emerging Staging Platform for eCrime Enterprise
 		 Dan Hubbard
Websense, Inc.
 

The Desktop Threatscape
11:45   On Crimeware:
Mutation and Proliferation
 		 Richard Wang
Manager
SophosLabs
 		  
12:15   Broken Windows:
A look at the current environment of phishing
 		 John LaCour
Phishlabs
 		  
12:45  Lunch
 		  
14:00   Law Enforcement Keynote
 		 Howard Cox
US Department of Justice
 

Law Enforcement at the eCrime Frontier
14:30   Online Consumers at Risk and the Role of State Attorneys General
 		 Alissa Cooper
Center for Democracy and Technology
 		  
14:50   Authorship Identification Forensics on Phishing Emails
 		 Ebrima N. Ceesay
Computer Security Laboratory
University of California, Davis
  		 
15:15  Break
 		  
15:45   On Botnets and Crimeware Propagation
 
 Lawrence Baldwin
my | NetWatchman
 

The Network Threatscape
16:15   Cyberwarfare in the Russia-Georgia Conflict: Lessons Learned
 		 Don Jackson
SecureWorks
 		  
16:45   Stalking the Fast Flux Miscreants
 		 Nicolas Bourbaki

 		  
17:15 Conclusion of (Members-Only)
General Members Meeting programmed content
 		    
       
17:30   APWG Steering Committee Meeting
 		  
       
Wednesday, October 15
 		  
08:00 Registration and Breakfast
 		    
09:00 Welcome IEEE / APWG Inauguration of eCrime Researchers Summit
 

Human Factors and eCrime
09:15   Phishing and MySpace
 		 Shing Yin Khor
Fox Interactive Media (MySpace)
 
  
09:45   User Concerns:
Behavioral Targeting vs User Choice
  		Craig Spiezle
Microsoft
 		  
10:15   Defending the User:
New Approaches to Anti-Phishing		 D. K. Smetters, Ph.D.
Palo Alto Research Center (PARC)
 		  
10:45  Break
 		 eCrime Researchers Summit Poster Presentations will be on display during the break  
11:15   Leveraging the 'Teachable Moment': APWG/CMU Phishing Education Landing Page Program
  		Dr. Lorrie Faith Cranor
Carnegie Mellon University
 
Dr. Laura Mather
Kestrel Systems, Inc.
APWG Director of Operations and APWG Internet Policy Committee Co-Chair
 		  
11:45   Programming the Human Firewall: Precision Messaging and Consumer Education
 		 Michael Kaiser
National Cyber Security Alliance
 		  
12:15   Mule Fool Proposal:
Public Education on the Dangers of Money Muling
 		 Phil Hallam-Baker
Verisign
 		  
12:45  Lunch
  		 
14:00   Human Factors and eCrime Roundtable
 		 Shing Yin Khor
Dave Piscatello
Lorrie Faith Cranor
Craig Spiezle
Laura Mather
D.K. Smetters
Michael Kaiser
Phil Hallam-Baker
 		  
14:45   IODEF Extensions: A Lingua Franca for Communicating and Processing Electronic Crime Reports
 		 Pat Cain
CooperCain, Inc. and APWG Resident Research Fellow
 

The Infrastructure Report
15:15   The Phantom Menace:
Untraceable Registrars		 Garth Bruen
KnujOn

Chris Barton
McAfee
  		 
15:45  Break
 		 eCrime Researchers Summit Poster Presentations will be on display during the break  
16:15   Game-Changing Legislation for Abusive Domains: Online Pharmacy Consumer Protection Act of 2008
 		 Ben Butler
GoDaddy
 

The Industrial Policy Report
16:45   Report on DNS Abuse Remediation:
Accelerated Domain Suspension Process for Registries
 		 APWG Internet Policy Working Group

Rod Rasmussen
Internet Identity
 
Dr. Laura Mather
Kestrel Systems, Inc.
 
Mike Rodenbaugh
Rodenbaugh Law
 		  
17:05   Global Phishing Survey: Domain Name Use and Trends in 1H2008
  		Greg Aaron
Afilias

Rod Rasmussen
Internet Identity
 
  
17:30 Birds of a Feather Sessions Institutional Data Sharing (By invitation)
 		 Pat Cain
APWG
 		  
    Consumer Education Initiatives and Anti-Muling Programs
 		 Aimee Larsen Kirkpatrick
National Cyber Security Alliance

Phil Hallam-Baker
Verisign
 		  
  eCrime Researchers Summit Poster Presentations
 
Susceptibility to Phishing Risk and False Alarms
 		 J Downs, M Holbrook, L Cranor
 
Do Data Breach Disclosure Laws Reduce Identity Theft?
 		 Sasha Romanosky, Rahul Telang, Alessandro Acquisti
 
Helping Phishing Volunteers Make a Bigger Dent
 		 Hong Pendleton
 
18:15 Conclusion of eCrime Researchers Summit Day One programmed content
 		  
       
19:30 Gala Dinner Please join us for dinner, networking and presentation of this years Best Paper Award for our eCrime Researchers Summit.
 
       
Thursday, October 16
 		  
08:00 Breakfast
 		      
09:00   Lessons From a Real World Evaluation of Anti-Phishing Training
 		 Ponnurangam Kumaraguru, Steve Sheng, Alessandro Acquisti, Lorrie Cranor,
Jason Hong
Carnegie Mellon University
 

eCrime Researchers Summit
Peer-Reviewed Research
09:30   Internet Situation Awareness
 		 Malte Hesse, Norbert Pohlmann
Gelsenkirchen University of Applied Sciences
 		  
10:00   Practice & Prevention of Home-Router Mid-Stream Injection Attacks
 		 Steven Myers
Indiana University at Bloomington
 
Sid Stamm
Indiana University at Bloomington
 		  
10:30  Break
 		 eCrime Researchers Summit Poster Presentations will be on display during the break  
11:00   Testing and Results of Antiphishing Toolbar Performance
 		 Steve Sheng
Carnegie Mellon University
 		  
11:30   The consequence of non-cooperation in the fight against phishing
 		 Tyler Moore
Center for Research on Computation and Society
Harvard University
 
Richard Clayton
Computer Laboratory
University of Cambridge
 		  
12:00   A Distributed Architecture for Phishing Detection using Bayesian
Additive Regression Trees
 		 Saeed Abu-Nimeh, Dario Nappa, Xinlei Wang, Suku Nair
Southern Methodist University
 		  
12:30   Legal Risks For Phishing Researchers
 		 Christopher Soghoian
Berkman Center for Internet & Society
 		  
13:00  Lunch
 		  
14:15   Automating Phishing Website Identification Through Deep MD5 Matching
 		 Brad Wardman, Gary Warner
University of Alabama at Birmingham
 		  
14:45   Evolutionary Study of Phishing
 		 Danesh Irani, Steve Webb, Jonathon Giffin, Calton Pu
Georgia Institute of Technology
 		  
15:15   Panel: Forensic Aspects of eCrime Research That Distinguish the Discipline from Conventional IT Security
 		 Gary Warner
UAB

Lawrence Baldwin
myNetWatchman.com
 		  
16:00 Closing Commets and announcements for the 2009 eCrime Researchers Summit
 		  
       
       
       
Location, Transport and Accommodation Logistics

The 2008 eCrime Researchers Summit and all event meetings are being held at the DoubleTree Hotel Buckhead located in the center of Atlanta, Georgia's eclectic, cosmopolitan and affluent Buckhead district. A lively community with deep cultural and arts resources - as well as world-class shopping and dining - whose history harkens back to Atlanta's Golden Age - a period which never actually ended.

Buckhead History
Buckhead Theatre

Registration for this event will be opened in later spring or early summer 2008. Please check this site for updates.

DoubleTree Hotel Buckhead
3342 Peachtree Road, NE
Atlanta, Georgia 30326
(404) 231-1234
(404) 231-3112 - Fax

 

Click here for hotel reservataions
 

 Buckhead Map
Call for Presentations
APWG members, research partner and correspondents are invited and encouraged to submit their proposals for presentations and panel discussions to APWG Program Committee at proposals@antiphishing.org.
Vendor Sponsorship Opportunities

APWG is offering an opportunity to build relationships while marketing your company to a targeted audience of security, messaging and financial professionals. Sponsorships are a personal, non-intrusive way of conveying your message. Additionally, your participation can help support activities vital to the overall success of the APWG and its research partners, which ultimately contributes to the success of the entire counter-phishing stakeholders' community.

The following benefits are available to Meeting Sponsors, once your sponsorship is confirmed:

- Recognition in on-site signage displayed during the meal or break
- Distribution of one giveaway such as a literature pack or chotchkee

There are a number of meal, break and entertainment sponsorship opportunities available for APWG members who want to use this meetings as an opportunity to communicate their brand and message to members of the APWG and presenters, each either a critical decision maker or a thought leader in his or her own right.
Press Announcements

Below are press releasements related to this event.