Korea Phishing Activity Trends Report

Size: px
Start display at page:

Download "Korea Phishing Activity Trends Report"

Transcription

1 Korea Phishing Activity Trends Report June, 2006 Issued by KrCERT/CC, Korea Internet Security Center Korea Phishing Activity Trends Report analyzes phishing attacks reported to KrCERT/CC via the organization s website at and submission to phishing@krcert.or.kr, cert@certcc.or.kr. Highlights Number of active Phishing sites reported in June: 114 Average monthly growth rate in Phishing sites July 2004 through June 2006: 13% Number of brands hijacked by Phishing campaigns in June: 20 Number of brands comprising the top 80% of Phishing campaigns in June: 5 Country which most hijacked brands belong to in June: United States Contain some form of target name in URL: 28 % Percentage of sites not using port 80: 16.6 % (Figure 1) Active Reported Phishing Sites by week May 2006 June 2006

2 Phishing Site Trends 1 In June, there were 114 unique phishing sites reported to the KrCERT/CC. There was 12% decrease in number compared to that of the last month (130 in April). Compared with the number of the same period last year(116 in June 2005), the number is similar, only the difference of 2 cases in the number of reports. The total number of phishing reported to KrCERT/CC in the first half of 2006 is 685 and the average number is 114. Compared with the average number of phishing sites in 2005(the whole year : 90.5, the second half : 103). From the fact that the recent average number of phishing sites is gradually increasing, it can be inferred that the phishing sites cases or attempts targeting for the financial objectives are increasing. The main stream of cyber attacks has evolved from the fame within the community to the financial gain. The widespread of spam mails can be explained with the same reason. All Internet users should be more cautious about the possibility of financial loss by the Internet fraud. In addition, many insecure servers are hacked and exploited as the phishing sites for deceiving users who input their personal and financial information. (Figure 2) Active Reported Phishing Sites by Month Jan 2005 June Because most of phishing s are written in English, Korean users usually delete the phishing s without reading phishing mails. Although the financial loss involved with phishing s has not occurred yet, many Korean websites are exploited as phishing sites.

3 Ports used in phishing data collection server Most of the phishing attacks reported to KrCERT/CC used port 80. In June, 83.3% of phishing sites use port 80, web service port. Since the phishing sites are also a sort of the web service for obtaining financial information, they are using port 80, the port for WWW(World Wide Web). The ratio of port 80 is slightly decreased, compared with that of last month(88.4%, refer to Fig 4.) (Figure 3) Ports used in phishing data collection server in June 2006 (Figure 4) The ratio and number of Phishing Sites using Port 80 by Month Jan June 2006

4 Brands hijacked as phishing sites The most hijacked brands reported to KrCERT/CC are online marketplace company(ecommerce) and online payment gateway company(financial service) in June, These two brands take over the half (69.2%) of all phishing report to KrCERT/CC. The ratio of phishing sites for two brands in June were 35.9% and 33.3%. The rank of two brands changed and the phishing sites for online marketplace company increased(4 more cases) and those for online payment gateway company decreased(8 less cases). Although the number of two brands decreased, the ratio of two brands increased. However, the ratio of two brands usually lies between 50% and 60%; the two brands ratio in this month is 63.8%. The total number of hijacked brands reported to KrCERT/CC in June 2006 is 20. The number of brands comprising the top 80% of phishing reports in June is 5. One brand is in e-commerce category and other four are in financial service category. Many brands are from United States. Most-Targeted Industry Sectors The most targeted industry sector for phishing attacks is financial services. This sector occupies 62.2% of all hijacked brands in June. The ratio for financial service decreased about 8 percents, compared with that of last month. Among 20 hijacked brands in June, 18 brands are from financial service sector, one from e-commerce sector and the other from the government. The reason why so many brands in financial service sector are hijacked is that the information collected from phishing sites can be used directly for financial fraud such as illegal bank account withdrawal and credit card use. (Figure 5) Hijacked Brands by Industry Sector June 2006

5 Countries in which hijacked brands belong to United States, the country which most hijacked brands belong to, takes about 85% in June. There are 8 countries in which hijacked brands belong to in June. Germany and Australia occupy 4% each, and other countries 8%. (Figure 6) Countries in which hijacked brands belong to Economy Industry Sector # of Targeted brand # of reports Financial 9 54 United States e-commerce Government 1 2 Germany Financial 2 4 Australia Financial 2 4 Switzerland Financial 1 2 Spain Financial 1 2 United Kingdom Financial 1 2 Hong Kong Financial 1 2 Canada Financial countries - 20 brands 114 cases

6 [Annex] Phishing Handling Process of KrCERT/CC Phishing handling is performed based on the following formal process; 1. Receive incident reports of Phishing sites to : phishing@krcert.or.kr, cert@certcc.or.kr Web: 2. Phishing Handling Find out the IP of the targeted site (from contents and target system URL) If the IP is from (Whois search) Domestic: Request appropriate measures to possibly compromised server after identifying the organization Phishing sites located on public and academic organizations (elementary, middle, high school, and national universities) are escalated to NCSC(National Cyber Security Center) Abroad: Request Phishing handling to the correspondent foreign CERT Cases from abroad are included in KrCERT/CC s Phishing handling database, but excluded from the statistics < Handling process according to IP search result > IP search result Acquired org. s info. Fail to acquire org. s info. Handling process Call and deliver the phishing incident information to the targeted organization, request to block the site immediately, and send an with the detail Send an to Abuse account of its ISP Call domestic ISP for re-request if it is not blocked within a day 3. Assign a number and put it into database Phishing sites reported to KrCERT/CC Categorize the type and assign an incident number (tickets) put it into database

7 4. Phishing Handling Database Build a database with acquired information by phone and Database fields: handling number, IP, reported time, time of shutdown, name of the targeted brand, contact info, reporter s info., port used, fraud website, phishing URL, message delivery method, info. extorted by phishing, system OS, server usage 5. Report daily statistics of Phishing site to KrCERT/CC 6. Write Phishing Statistics Report Apply phishing database to monthly Phishing Activity Report, and use it to cooperate with APWG (Anti-Phishing Working Group)

Phishing Activity Trends Report October, 2004

Phishing Activity Trends Report October, 2004 Phishing Activity Trends Report October, 2004 Phishing is a form of online identity theft that uses spoofed emails designed to lure recipients to fraudulent websites which attempt to trick them into divulging

More information

Phishing Activity Trends Report August, 2006

Phishing Activity Trends Report August, 2006 Phishing Activity Trends Report, 26 Phishing is a form of online identity theft that employs both social engineering and technical subterfuge to steal consumers' personal identity data and financial account

More information

Phishing Activity Trends Report August, 2005

Phishing Activity Trends Report August, 2005 Phishing Activity Trends Report August, 25 Phishing is a form of online identity theft that employs both social engineering and technical subterfuge to steal consumers' personal identity data and financial

More information

Phishing Activity Trends

Phishing Activity Trends Phishing Activity Trends Report for the Month of, 27 Summarization of Report Findings The number of phishing reports received rose to 24,853 in, an increase of over 1, from February but still more than

More information

Phishing Activity Trends Report March, 2005

Phishing Activity Trends Report March, 2005 Phishing Activity Trends Report March, 2005 Phishing is a form of online identity theft that uses spoofed emails designed to lure recipients to fraudulent websites which attempt to trick them into divulging

More information

Phishing Activity Trends Report January, 2005

Phishing Activity Trends Report January, 2005 Phishing Activity Trends Report January, 2005 Phishing is a form of online identity theft that uses spoofed emails designed to lure recipients to fraudulent web sites which attempt to trick them into divulging

More information

August 2009 Report #22

August 2009 Report #22 August 2009 Report #22 The data in this report is aggregated from a combination of sources including Symantec s Phish Report Network (PRN), strategic partners, customers and security solutions. This report

More information

Phishing Activity Trends

Phishing Activity Trends Phishing Activity Trends Report for the Month of September, 2007 Summarization of September Report Findings The total number of unique phishing reports submitted to APWG in September 2007 was 38,514, an

More information

Phishing Activity Trends

Phishing Activity Trends Phishing Activity Trends Report for the Month of July, 2007 Summarization of July Report Findings For the first time recorded by the APWG, China has surpassed the United States as the country hosting the

More information

Phishing Activity Trends Report November, 2004

Phishing Activity Trends Report November, 2004 Phishing Activity Trends Report November, 2004 Phishing is a form of online identity theft that uses spoofed emails designed to lure recipients to fraudulent websites which attempt to trick them into divulging

More information

October 2009 Report #24

October 2009 Report #24 October 2009 Report #24 The data in this report is aggregated from a combination of sources including Symantec s Phish Report Network (PRN), strategic partners, customers and security solutions. This report

More information

Phishing Activity Trends

Phishing Activity Trends Phishing Activity Trends Report for the Month of June, 2007 Summarization of June Report Findings In the June 2007 report the APWG introduces a brand-domain pairs measurement (page 4) which combines the

More information

December 2009 Report #26

December 2009 Report #26 December 2009 Report #26 The data in this report is aggregated from a combination of sources including Symantec s Phish Report Network (PRN), strategic partners, customers and security solutions. This

More information

Anti-Phishing Working Group

Anti-Phishing Working Group Phishing Attack Trends Report April, 2004 Phishing attacks use spoofed e-mails and fraudulent websites designed to fool recipients into divulging personal financial data such as credit card numbers, account

More information

Phishing Activity Trends Report. 4 th Quarter Unifying the. Global Response To Cybercrime. October December 2012

Phishing Activity Trends Report. 4 th Quarter Unifying the. Global Response To Cybercrime. October December 2012 4 th Quarter 2012 Unifying the Global Response To Cybercrime October December 2012 Published April 24, 2013 Phishing Report Scope The APWG analyzes phishing attacks reported to the APWG by its member companies,

More information

JPCERT/CC Incident Handling Report [October 1, 2015 December 31, 2015]

JPCERT/CC Incident Handling Report [October 1, 2015 December 31, 2015] JPCERT-IR-2015-05 Issued: 2016-01-14 JPCERT/CC Incident Handling Report [October 1, 2015 December 31, 2015] 1. About the Incident Handling Report JPCERT Coordination Center (herein, JPCERT/CC) receives

More information

Phishing Activity Trends Report. 3 rd Quarter Committed to Wiping Out Internet Scams and Fraud

Phishing Activity Trends Report. 3 rd Quarter Committed to Wiping Out Internet Scams and Fraud 3 rd Quarter 2009 Committed to Wiping Out Internet Scams and Fraud July September 2009 Phishing Report Scope The quarterly APWG analyzes phishing attacks reported to the APWG by its member companies, its

More information

RSA FRAUDACTION ANTI-PHISHING SERVICE: BENEFITS OF A COMPREHENSIVE MITIGATION STRATEGY

RSA FRAUDACTION ANTI-PHISHING SERVICE: BENEFITS OF A COMPREHENSIVE MITIGATION STRATEGY RSA FRAUDACTION ANTI-PHISHING SERVICE: BENEFITS OF A COMPREHENSIVE MITIGATION STRATEGY RSA CYOTA PROJECT PROPOSAL RSA FRAUDACTION ANTI-PHISHING SERVICE V.1 2011 Overview This brief highlights the benefits

More information

MARKET NEWSLETTER No 69 February 2013

MARKET NEWSLETTER No 69 February 2013 Standing at 543 600 t, Spanish olive oil production in the first four months of 2012/13 was 62 pc down on the previous season, according to Spain s Olive Oil Agency. Although there are still some months

More information

Phishing Activity Trends Report. 3 rd Quarter Unifying the. Global Response To Cybercrime. July September 2012

Phishing Activity Trends Report. 3 rd Quarter Unifying the. Global Response To Cybercrime. July September 2012 3 rd Quarter 2012 Unifying the Global Response To Cybercrime July September 2012 Published February 1, 2013 , Phishing Report Scope The APWG analyzes phishing attacks reported to the APWG by its member

More information

Top 10 Global Threat Rank by Source

Top 10 Global Threat Rank by Source Symantec Internet Security Threat Report, Volume 21 1 Top 10 Threat by Source WORLD RANK PERCENTAGE OF GLOBAL DETECTIONS China 1 2 10.6% 23.7% United States 2 1 18.9% 20.7% India Netherlands Taiwan Turkey

More information

Croatian National CERT ACDC project Darko Perhoc, Head of National CERT CISSP, CEH, CCNP Security R&S,CCDP

Croatian National CERT ACDC project Darko Perhoc, Head of National CERT CISSP, CEH, CCNP Security R&S,CCDP Croatian National CERT ACDC project Darko Perhoc, Head of National CERT CISSP, CEH, CCNP Security R&S,CCDP Croatian National CERT (HR-CERT) mission: Promoting and preserving information security of public

More information

Security & Phishing

Security & Phishing Email Security & Phishing Best Practices In Cybersecurity Presenters Bill Shieh Guest Speaker Staff Engineer Information Security Ellie Mae Supervisory Special Agent Cyber Crime FBI 2 What Is Phishing?

More information

Phishing Read Behind The Lines

Phishing Read Behind The Lines Phishing Read Behind The Lines Veljko Pejović veljko@cs.ucsb.edu What is Phishing? "Phishing attacks use both social engineering and technical subterfuge to steal consumers' personal identity data and

More information

Internet Security Threat Report Volume XIII. Patrick Martin Senior Product Manager Symantec Security Response October, 2008

Internet Security Threat Report Volume XIII. Patrick Martin Senior Product Manager Symantec Security Response October, 2008 Internet Security Threat Report Volume XIII Patrick Martin Senior Product Manager Symantec Security Response October, 2008 Agenda 1 ISTR XIII Important Facts 2 ISTR XIII Key Messages 3 ISTR XIII Key Facts

More information

Issues in Using DNS Whois Data for Phishing Site Take Down

Issues in Using DNS Whois Data for Phishing Site Take Down Issues in Using DNS Whois Data for Phishing Site Take Down The Anti-Phishing Working Group DNS Policy Committee (www.antiphishing.org) May 2007 Summary Given fundamental policy changes regarding accessibility

More information

Bank of america report phishing

Bank of america report phishing Search Search pages & people Search Search Search pages & people Search Bank of america report phishing email We recently discovered a new phishing scam from a Bank of America spam email some reports that

More information

Third Annual Green IT & Sustainability Survey: U.S. Results and Services Implications

Third Annual Green IT & Sustainability Survey: U.S. Results and Services Implications Third Annual Green IT & Sustainability Survey: U.S. Results and Services Implications Gard Little Research Manager Worldwide Services, Global Services Markets & Trends 2009 IDC 1 Agenda Overview of the

More information

JPCERT/CC Incident Handling Report [January 1, March 31, 2018]

JPCERT/CC Incident Handling Report [January 1, March 31, 2018] JPCERT-IR-2018-01 Issued: 2018-04-12 JPCERT/CC Incident Handling Report [January 1, 2018 - March 31, 2018] 1. About the Incident Handling Report JPCERT Coordination Center (herein, JPCERT/CC) receives

More information

Anti-Phishing Working Group

Anti-Phishing Working Group Anti-Phishing Working Group www.antiphishing.org DNS Policy Sub-Committee Overview Rod Rasmussen Rod.Rasmussen@InternetIdentity.com Anti-Phishing Working Group Launched in 2003 2600+ members 1600+ companies

More information

4 th Quarter Phishing Activity Trends Report. Unifying the Global Response To Cybercrime. Activity October December 2017.

4 th Quarter Phishing Activity Trends Report. Unifying the Global Response To Cybercrime. Activity October December 2017. 4 th Quarter 2017 Unifying the Global Response To Cybercrime Table of Contents Statistical Highlights for 2nd Quarter 2017 3 Phishing E-mail Reports and Phishing Site Trends 4 Brand-Domain Pairs Measurement

More information

How technology changed fraud investigations. Jean-François Legault Senior Manager Analytic & Forensic Technology June 13, 2011

How technology changed fraud investigations. Jean-François Legault Senior Manager Analytic & Forensic Technology June 13, 2011 How technology changed fraud investigations Jean-François Legault Senior Manager Analytic & Forensic Technology June 13, 2011 The Changing Cyberfraud Landscape Underground Economy Malware Authors Organized

More information

Improving Domain Names Utilization

Improving Domain Names Utilization Improving Domain Names Utilization Ning Kong June 27, 2017 Content Status Quo of Chinese Phishing Websites Anti-Phishing Alliance of China (APAC) Suggestions for Improving Domain Names Utilization Q &

More information

GLOBAL MOBILE PAYMENT METHODS: FIRST HALF 2016

GLOBAL MOBILE PAYMENT METHODS: FIRST HALF 2016 PUBLICATION DATE: OCTOBER 2016 PAGE 2 GENERAL INFORMATION I PAGE 3 KEY FINDINGS I PAGE 4-8 TABLE OF CONTENTS I PAGE 9 REPORT-SPECIFIC SAMPLE CHARTS I PAGE 10 METHODOLOGY I PAGE 11 RELATED REPORTS I PAGE

More information

New Zealand National Cyber Security Centre Incident Summary

New Zealand National Cyber Security Centre Incident Summary New Zealand National Cyber Security Centre 2013 Incident Summary National Cyber Security Centre 2013 Incident Summary Foreword The incidents summarised in this report reinforce that cyber security is truly

More information

Introduction of APCERT APCERT

Introduction of APCERT APCERT Introduction of Yurie Ito, JPCERT/CC (On behalf of the Secretariat) (Asia Pacific Computer Emergency Response Team) is a coalition of the forum of CSIRTs (Computer Security Incident Response Teams). The

More information

Be certain. MessageLabs Intelligence: May 2006

Be certain. MessageLabs Intelligence: May 2006 Be certain MessageLabs Intelligence: May 2006 Introduction Welcome to the May edition of the MessageLabs Intelligence monthly report. This report provides the latest threat trends for May 2006 to keep

More information

spam goes mobile Comverse User Forum 29th June 2005, Marbella (Spain)

spam goes mobile Comverse User Forum 29th June 2005, Marbella (Spain) spam goes mobile Comverse User Forum 29th June 2005, Marbella (Spain) Lara Srivastava Project Director- ITU New Initiatives Programme Strategy and Policy Unit, ITU Note: The views expressed in this presentation

More information

ITU Regional Cybersecurity Forum for Asia-Pacific

ITU Regional Cybersecurity Forum for Asia-Pacific ITU Regional Cybersecurity Forum for Asia-Pacific Incident Management Capabilities Australia Country Case Study Graham Ingram General Manager AusCERT July 2008 Copyright 2008 AusCERT Not for further distribution

More information

Phishing Activity Trends Report. 4 th Quarter Committed to Wiping Out Internet Scams and Fraud

Phishing Activity Trends Report. 4 th Quarter Committed to Wiping Out Internet Scams and Fraud 4 th Quarter 2009 Committed to Wiping Out Internet Scams and Fraud October December 2009 Phishing Report Scope The quarterly APWG analyzes phishing attacks reported to the APWG by its member companies,

More information

Introduction of APCERT

Introduction of APCERT Introduction of APCERT Yurie Ito, JPCERT/CC (On behalf of the APCERT Secretariat) APCERT APCERT (Asia Pacific Computer Emergency Response Team) is a coalition of the forum of CSIRTs (Computer Security

More information

4 USE OF ACCOUNTS. Use of accounts for digital payments. What are the overall changes since 2014?

4 USE OF ACCOUNTS. Use of accounts for digital payments. What are the overall changes since 2014? 4 USE OF ACCOUNTS Owning an account is an important first step toward financial inclusion. But to fully benefit from having an account, people need to be able to use it in safe and convenient ways. This

More information

WEB APPLICATION VULNERABILITIES

WEB APPLICATION VULNERABILITIES WEB APPLICATION VULNERABILITIES CONTENTS Introduction... 3 1. Materials and methods... 3 2. Executive summary... 4 3. Client snapshot... 4 4. Trends... 5 5. Manual web application security assessment...

More information

Israel Internet Security Threat Profile

Israel Internet Security Threat Profile Israel Internet Security Threat Profile Worldwide Ranking.%.%.%.%.%.%.%.%.%.%.% Overall Average Spam Zombies Malicious Code Phishing Hosts Bots Network Attacking Countries Copyright Symantec Corporation.

More information

SECURING THE DIGITAL ECONOMY. Reinventing the Internet for Trust

SECURING THE DIGITAL ECONOMY. Reinventing the Internet for Trust SECURING THE DIGITAL ECONOMY Reinventing the Internet for Trust The Internet Just Can t Keep Up Companies Are Increasingly Dependent on the Internet for Business Growth 90% 76% 18% 35% to rank business

More information

The situation of threats in cyberspace in the first half of 2018

The situation of threats in cyberspace in the first half of 2018 The situation of threats in cyberspace in the first half of 2018 1. Cyber-attacks (1) Scanning activities in cyberspace a. Overview of unexpected incoming packets to the sensors 1 The number of unexpected

More information

The State of Spam A Monthly Report June Generated by Symantec Messaging and Web Security

The State of Spam A Monthly Report June Generated by Symantec Messaging and Web Security The State of Spam A Monthly Report June 2007 Generated by Symantec Messaging and Web Security Monthly Spam Landscape Spam activity in May 2007 was overall consistent with trends observed in previous months.

More information

Current procedures, challenges and opportunities for collection and analysis of Criminal Justice statistics CERT-GH

Current procedures, challenges and opportunities for collection and analysis of Criminal Justice statistics CERT-GH Current procedures, challenges and opportunities for collection and analysis of Criminal Justice statistics CERT-GH International Workshop on Criminal Justice Statistics on Cybercrime and Electronic Evidence

More information

Digital Opportunity Index. Michael Minges Telecommunications Management Group, Inc.

Digital Opportunity Index. Michael Minges Telecommunications Management Group, Inc. Digital Opportunity Index Michael Minges Telecommunications Management Group, Inc. Digital Opportunity Index (DOI) Why How Preliminary results Conclusions WSIS Plan of Action E. Follow-up and evaluation

More information

Botnets: major players in the shadows. Author Sébastien GOUTAL Chief Science Officer

Botnets: major players in the shadows. Author Sébastien GOUTAL Chief Science Officer Botnets: major players in the shadows Author Sébastien GOUTAL Chief Science Officer Table of contents Introduction... 3 Birth of a botnet... 4 Life of a botnet... 5 Death of a botnet... 8 Introduction

More information

Updates on Sharing Threat Data, Security Awareness and Policy Efforts to Fight Cybercrime

Updates on Sharing Threat Data, Security Awareness and Policy Efforts to Fight Cybercrime Updates on Sharing Threat Data, Security Awareness and Policy Efforts to Fight Cybercrime Foy Shiver Deputy Secretary General Agenda Who We Are Current Events Tracking Trends and Malicious Activities Education

More information

CE Advanced Network Security Phishing I

CE Advanced Network Security Phishing I CE 817 - Advanced Network Security Phishing I Lecture 15 Mehdi Kharrazi Department of Computer Engineering Sharif University of Technology Acknowledgments: Some of the slides are fully or partially obtained

More information

AdMob Mobile Metrics. Metrics Highlights. May 2010

AdMob Mobile Metrics. Metrics Highlights. May 2010 AdMob Mobile Metrics Metrics Highlights May 2010 Metrics Highlights Summary While mobile Internet requests are growing rapidly worldwide, there are regional differences in the devices used 92 countries

More information

UAE and the NRI A brief introduction. December 2016

UAE and the NRI A brief introduction. December 2016 UAE and the NRI A brief introduction December 2016 UAE Vision 2021 We aim to make the UAE among the best countries in the world by the Golden Jubilee of the Union. 1 UAE Vision 2021 Gov entities working

More information

The Challenge of Spam An Internet Society Public Policy Briefing

The Challenge of Spam An Internet Society Public Policy Briefing The Challenge of Spam An Internet Society Public Policy Briefing 30 October 2015 Introduction Spam email, those unsolicited email messages we find cluttering our inboxes, are a challenge for Internet users,

More information

Digital EAGLEs. Outlook and perspectives

Digital EAGLEs. Outlook and perspectives 2016 Digital EAGLEs Outlook and perspectives Fixed and Mobile broadband adoption rates in the next decade Changes in Fixed-Broadband penetration 2014-25 Changes in Mobile-Broadband penetration 2014-25

More information

Vajra Daily APT Cloud Scan

Vajra Daily APT Cloud Scan Vajra Daily APT Cloud Scan An Introduction Cyber Security & Privacy Foundation Pte Ltd Contact-director@cysecurity.co The Problem Hacking Incidents Persistent global hacking incidents on US Govt & Fortune

More information

Quarterly Sales (in millions) FY 16 FY 15 FY 14 Q1 $706.8 $731.1 $678.5 Q Q Q

Quarterly Sales (in millions) FY 16 FY 15 FY 14 Q1 $706.8 $731.1 $678.5 Q Q Q The following represents historical unaudited financial and statistical information regarding MSC s operations. MSC does not undertake any obligation to update any of the information presented below to

More information

How Enterprise Tackles Phishing. Nelson Yuen Technology Manager, Cybersecurity Microsoft Hong Kong

How Enterprise Tackles Phishing. Nelson Yuen Technology Manager, Cybersecurity Microsoft Hong Kong How Enterprise Tackles Phishing Nelson Yuen Technology Manager, Cybersecurity Microsoft Hong Kong Hackers turning to easy marks - Social engineering Phishing was the #1 threat vector (> 50%) for Office

More information

The Cost of Phishing. Understanding the True Cost Dynamics Behind Phishing Attacks A CYVEILLANCE WHITE PAPER MAY 2015

The Cost of Phishing. Understanding the True Cost Dynamics Behind Phishing Attacks A CYVEILLANCE WHITE PAPER MAY 2015 The Cost of Phishing Understanding the True Cost Dynamics Behind Phishing Attacks A CYVEILLANCE WHITE PAPER MAY 2015 Executive Summary.... 3 The Costs... 4 How To Estimate the Cost of an Attack.... 5 Table

More information

SYMANTEC ENTERPRISE SECURITY. Symantec Internet Security Threat Report September 2005 Power and Energy Industry Data Sheet

SYMANTEC ENTERPRISE SECURITY. Symantec Internet Security Threat Report September 2005 Power and Energy Industry Data Sheet SYMANTEC ENTERPRISE SECURITY Symantec Internet Security Threat Report September 00 Power and Energy Industry Data Sheet An important note about these statistics The statistics discussed in this document

More information

ThaiCERT Incident Response & Phishing cases in Thailand. By Kitisak Jirawannakool Thai Computer Emergency Response team (ThaiCERT)

ThaiCERT Incident Response & Phishing cases in Thailand. By Kitisak Jirawannakool Thai Computer Emergency Response team (ThaiCERT) ThaiCERT Incident Response & Phishing cases in Thailand By Kitisak Jirawannakool Thai Computer Emergency Response team (ThaiCERT) Agenda About ThaiCERT ThaiCERT IR Phishing in Thailand About ThaiCERT Ministry

More information

Cyber Crime Prosecution & Defence

Cyber Crime Prosecution & Defence Cyber Crime Prosecution & Defence www.asianlaws.org DID YOU KNOW? 5,035 cyber crime FIRs were registered in Bengaluru in 2018. Mumbai saw almost 3,000 cyber crime FIRs. Almost 16,000 Indian websites were

More information

CYBER SECURITY OPERATION CENTER

CYBER SECURITY OPERATION CENTER CYBER OPERATION CENTER Reply s new Cyber Security Operation Centre is a structure specialised in the provision of Premium-level security services, tailored to the customer's needs, processes, and the specific

More information

Report on Spamvertising and Phishing using.hk Domain Names and McAfee Report. ccnso Meeting June 24, 2008

Report on Spamvertising and Phishing using.hk Domain Names and McAfee Report. ccnso Meeting June 24, 2008 Report on Spamvertising and Phishing using.hk Domain Names and McAfee Report ccnso Meeting June 24, 2008 Agenda Introduction of HKIRC/HKDNR and.hk Domain Figure of Phishing and Spamvertising Common Patterns

More information

The Rise of Phishing. Dave Brunswick Tumbleweed Communications Anti-Phishing Working Group

The Rise of Phishing. Dave Brunswick Tumbleweed Communications Anti-Phishing Working Group The Rise of Phishing Dave Brunswick Tumbleweed Communications Anti-Phishing Working Group 2 The Anti-Phishing Working Group Industry association focused on eliminating identity theft and fraud from the

More information

All the Latest Data Security News. Best Practices and Compliance Information From the PCI Council

All the Latest Data Security News. Best Practices and Compliance Information From the PCI Council All the Latest Data Security News Best Practices and Compliance Information From the PCI Council 1 What is the PCI Security Standards Council? Collaboration Education Simplified solutions for merchants

More information

What can we lose not implementing proper security in our IT environment? Aleksandar Pavlovic Security Account Manager Cisco

What can we lose not implementing proper security in our IT environment? Aleksandar Pavlovic Security Account Manager Cisco What can we lose not implementing proper security in our IT environment? Aleksandar Pavlovic Security Account Manager Cisco Increasing Digital Traffic Creates a Greater Attack Surface Global IP Traffic

More information

Senator the Hon Stephen Conroy Minister for Broadband, Communications and the Digital Economy. Deputy Leader of the Government in the Senate

Senator the Hon Stephen Conroy Minister for Broadband, Communications and the Digital Economy. Deputy Leader of the Government in the Senate Senator the Hon Stephen Conroy Minister for Broadband, Communications and the Digital Economy Deputy Leader of the Government in the Senate Towards a framework for cybersecurity and critical information

More information

Cybersecurity. Anna Chan, Marketing Director, Akamai Technologies

Cybersecurity. Anna Chan, Marketing Director, Akamai Technologies Grow revenue opportunities with fast, personalized web experiences and manage complexity from peak demand, mobile Business devices and Continuity data collection. & Cybersecurity Anna Chan, Marketing Director,

More information

The State of Spam A Monthly Report August Generated by Symantec Messaging and Web Security

The State of Spam A Monthly Report August Generated by Symantec Messaging and Web Security The State of Spam A Monthly Report August 2007 Generated by Symantec Messaging and Web Security Monthly Spam Landscape While overall spam activity remained steady in July 2007, the tactics being used are

More information

APWG Global Phishing Survey 2H2010

APWG Global Phishing Survey 2H2010 APWG Global Phishing Survey 2H2010 Rod Rasmussen Greg Aaron June 21, 2011 Goals Study domain names and URLs to: Provide a consistent benchmark for scope of phishing problems worldwide Understand what phishers

More information

Best Practices in Public Information Management in Sri Lanka. Presented by Nimal Athukorala D.C. Dissanayake

Best Practices in Public Information Management in Sri Lanka. Presented by Nimal Athukorala D.C. Dissanayake Best Practices in Public Information Management in Sri Lanka Presented by Nimal Athukorala D.C. Dissanayake Content Objectives Method of Information Management Case Study- GIC Call Center GIC Web Portal

More information

MOBILE FORENSICS AND SECURITY

MOBILE FORENSICS AND SECURITY DHS S&T CYBER SECURITY DIVISION 2014 Cyber Security Division R&D Showcase MOBILE FORENSICS AND SECURITY NowSecure Andrew Hoog December 16, 2014 Mobile Devices Are Complicated Average Android Device 300

More information

Computer

Computer 2011-2014 Computer 2014.12. Contents 1. 2011-2013 China Computer Export Trend Analysis... 3 1.1. 2011-2013 China Computer Export Quantity Trend Analysis... 3 1.2. 2011-2013 China Computer Export Amount

More information

Update on ICANN Domain Name Registrant Work

Update on ICANN Domain Name Registrant Work 1 Update on ICANN Domain Name Registrant Work Brian Gutterman Registrant Program Manager GDD Strategic Programs ICANN60 1 November 2017 2 Agenda Focus on Registrants Service and Information Domain Name

More information

Key Findings from the Global State of Information Security Survey 2017 Indonesian Insights

Key Findings from the Global State of Information Security Survey 2017 Indonesian Insights www.pwc.com/id Key Findings from the State of Information Security Survey 2017 n Insights Key Findings from the State of Information Security Survey 2017 n Insights By now, the numbers have become numbing.

More information

New Developments in the SpamPots Project

New Developments in the SpamPots Project New Developments in the SpamPots Project Klaus Steding-Jessen Cristine Hoepers CERT.br CERT Brazil http://www.cert.br/ NIC.br Brazilian Network Information Center http://www.nic.br/

More information

Protecting Against Online Fraud. F5 EMEA Webinar August 2014

Protecting Against Online Fraud. F5 EMEA Webinar August 2014 Protecting Against Online Fraud F5 EMEA Webinar August 2014 Agenda Fraud threat trends and business challenges Web fraud protection Mobile fraud protection Security operations center Example architecture

More information

Think Oslo 2018 Where Technology Meets Humanity. Oslo. Felicity March Cyber Resilience - Europe

Think Oslo 2018 Where Technology Meets Humanity. Oslo. Felicity March Cyber Resilience - Europe Think Oslo 2018 Where Technology Meets Humanity Oslo Felicity March Cyber Resilience - Europe Cyber Resilience Cyber Resilience is the ability of an organisation to maintain its core purpose and integrity

More information

Unofficial English translation offered by EuropElectro, for reference only

Unofficial English translation offered by EuropElectro, for reference only Ref. No. CNCA-00C-007 DETAILED IMPLEMENTATION RULES FOR COMPULSORY PRODUCTS CERTIFICATION Submission, Dissemination and Publication of Information Issued on Jan. 8, 2014 Implemented on Jan. 8, 2014 Published

More information

The Anti-Phishing Working Group: Electronic Crime, Fraud and Useful Attempts to Battle the Miscreants. Foy Shiver Deputy Secretary-General APWG

The Anti-Phishing Working Group: Electronic Crime, Fraud and Useful Attempts to Battle the Miscreants. Foy Shiver Deputy Secretary-General APWG The Anti-Phishing Working Group: Electronic Crime, Fraud and Useful Attempts to Battle the Miscreants Foy Shiver Deputy Secretary-General APWG APWG Institutional Profile Over 3000 members from almost 1800

More information

Machine-Powered Learning for People-Centered Security

Machine-Powered Learning for People-Centered Security White paper Machine-Powered Learning for People-Centered Security Protecting Email with the Proofpoint Stateful Composite Scoring Service www.proofpoint.com INTRODUCTION: OUTGUNNED AND OVERWHELMED Today

More information

OECD Methodology for Measuring the Information Society

OECD Methodology for Measuring the Information Society Gaborone, 28-29 October 2004 OECD Methodology for Measuring the Information Society Brigitte van Beuzekom OECD Economic Analysis and Statistics Division, Directorate for Science, Technology and Industry

More information

Information & Communication Technology Statistics 2017

Information & Communication Technology Statistics 2017 Information & Communication Technology Statistics 2017 STATISTICS BOTSWANA Private Bag 0024 Gaborone Botswana Tel: (+267) 367 1300. Fax: (+267) 395 2201. Toll Free: 0800 600 200 Email: info@statsbots.org.bw

More information

Evolution of Spear Phishing. White Paper

Evolution of Spear Phishing. White Paper Evolution of Spear Phishing White Paper Executive Summary Phishing is a well-known security threat, but few people understand the difference between phishing and spear phishing. Spear phishing is the latest

More information

Legal framework of ensuring of cyber security in the Republic of Azerbaijan

Legal framework of ensuring of cyber security in the Republic of Azerbaijan Legal framework of ensuring of cyber security in the Republic of Azerbaijan Bakhtiyar N.Mammadov Ministry of Communications and Information Technologies Head of Legal and HR Department ITU WSIS Thematic

More information

Telecommunication Regulatory Reform and the WTO Process

Telecommunication Regulatory Reform and the WTO Process Telecommunication Regulatory Reform and the WTO Process Dr Tim Kelly, ITU Session 1: Course on Telecom Policy, Regulation and Management, University of Witwatersrand, 6-7 May, 1999 * The views expressed

More information

Mapping the Frontiers of the Electronic Crime Threat From Consumers' Desktops to National Equities Markets

Mapping the Frontiers of the Electronic Crime Threat From Consumers' Desktops to National Equities Markets Mapping the Frontiers of the Electronic Crime Threat From Consumers' Desktops to National Equities Markets Peter Cassidy Secretary General www.antiphishing.org pcassidy@antiphishing.org Director of Research

More information

APTLD & MYNIC JOINT SURVEY

APTLD & MYNIC JOINT SURVEY INTERNET SECURITY & CCTLDS SURVEY RESULTS 24 th June 2008, Tuesday ccnso meeting, Paris, France Survey Objectives Survey Summary:- For APTLD members to examine the roles and responsibilities of cctlds

More information

The Credential Phishing Handbook. Why It Still Works and 4 Steps to Prevent It

The Credential Phishing Handbook. Why It Still Works and 4 Steps to Prevent It The Credential Phishing Handbook Why It Still Works and 4 Steps to Prevent It Introduction Phishing is more than 20 years old, but still represents more than 90% of targeted attacks. The reason is simple:

More information

NOT PROTECTIVELY MARKED PHISHING. July 2016

NOT PROTECTIVELY MARKED PHISHING. July 2016 - PHISHING July 2016 1 Introduction: The purpose of this document is to provide an analysis of the most prevalent trends and characteristics of phishing campaigns in the UK in July 2016. The analysis is

More information

Evaluating DMARC Effectiveness for the Financial Services Industry

Evaluating DMARC Effectiveness for the Financial Services Industry Evaluating DMARC Effectiveness for the Financial Services Industry by Robert Holmes General Manager, Email Fraud Protection Return Path Executive Summary Email spoofing steadily increases annually. DMARC

More information

Australian Government Cyber-security Activities in the Pacific

Australian Government Cyber-security Activities in the Pacific Australian Government Cyber-security Activities in the Pacific Daniel Wells International Branch Department of Broadband, Communications and the Digital Economy Overview Australia s engagement with the

More information

Temporal Correlations between Spam and Phishing Websites

Temporal Correlations between Spam and Phishing Websites Temporal Correlations between Spam and Phishing Websites, Richard Clayton and Henry Stern Center for Research on Computation and Society Harvard University USENIX LEET 09 Boston, MA April 21, 2009 Outline

More information

X-ARF: A Reporting and Exchange Format for the Data Exchange of Netflow and Honeypot Data

X-ARF: A Reporting and Exchange Format for the Data Exchange of Netflow and Honeypot Data X-ARF: A Reporting and Exchange Format for the Data Exchange of Netflow and Honeypot Data Jan Kohlrausch, Sven Übelacker, GÉANT 3 JRA2 T4: Internal deliverable DFN-CERT Services GmbH Hamburg, Germany Email:

More information

FSOR. Cyber security in the financial sector VISION 2020 FINANCIAL SECTOR FORUM FOR OPERATIONAL RESILIENCE

FSOR. Cyber security in the financial sector VISION 2020 FINANCIAL SECTOR FORUM FOR OPERATIONAL RESILIENCE FSOR FINANCIAL SECTOR FORUM FOR OPERATIONAL RESILIENCE DECEMBER 2016 Cyber security in the financial sector VISION 2020 The Danish financial sector should be best in class in Europe when it comes to countering

More information

Thailand Initiatives and Challenges in Cyber Terrorism

Thailand Initiatives and Challenges in Cyber Terrorism Thailand Initiatives and Challenges in Cyber Terrorism Agenda Cyber-Terrorism weapons & tactics MICT Cyber Inspector Group IT Laws Development Challenges Cyber-Terrorism weapons & tactics What is Cyber-Terrorism?

More information

Endpoint Protection : Last line of defense?

Endpoint Protection : Last line of defense? Endpoint Protection : Last line of defense? First TC Noumea, New Caledonia 10 Sept 2018 Independent Information Security Advisor OVERVIEW UNDERSTANDING ENDPOINT SECURITY AND THE BIG PICTURE Rapid development

More information

Service Level Agreement for Microsoft Online Services

Service Level Agreement for Microsoft Online Services Service Level Agreement for Microsoft Online Services Last updated on: January 1, 2015 1. Introduction. This Service Level Agreement for Microsoft Online Services (this SLA ) is made by Microsoft in connection

More information