Global Phishing Survey: Trends and Domain Name Use in 2H2012
Global Phishing Survey: Trends and Domain Name Use in 2H2012
Global Phishing Survey: Trends and Domain Name Use in 2H2012
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
<strong>Global</strong> <strong>Phish<strong>in</strong>g</strong> <strong>Survey</strong> <strong>2H2012</strong>:<br />
<strong>Trends</strong> <strong>and</strong> <strong>Doma<strong>in</strong></strong> <strong>Name</strong> <strong>Use</strong><br />
About the Authors & Acknowledgments<br />
The authors wish to thank the follow<strong>in</strong>g for their support: Peter Cassidy <strong>and</strong> Foy Shiver of the<br />
APWG, <strong>and</strong> Aaron Routt of Internet Identity. The authors thank Lim<strong>in</strong>g Wang, Wang Wei,<br />
<strong>and</strong> Hu Anlei at CNNIC for the contribution of APAC phish<strong>in</strong>g data for this report. The<br />
authors thank <strong>Doma<strong>in</strong></strong>Tools for their contribution of WHOIS data to help identify trends <strong>in</strong><br />
malicious registrations. The authors also thank the members of the security <strong>in</strong>dustry, the<br />
doma<strong>in</strong> name <strong>in</strong>dustry, <strong>and</strong> the law enforcement community who have contributed to<br />
anti-phish<strong>in</strong>g programs <strong>and</strong> research.<br />
Greg Aaron is President of Illum<strong>in</strong>tel Inc., which provides advis<strong>in</strong>g <strong>and</strong> security services to<br />
top-level doma<strong>in</strong> registry operators <strong>and</strong> other Internet companies. Greg is an authority on<br />
the use of doma<strong>in</strong> names for e-crime, <strong>and</strong> works with registrars, registries, law enforcement,<br />
<strong>and</strong> researchers regard<strong>in</strong>g phish<strong>in</strong>g, malware, spam, <strong>and</strong> child pornography cases. He is a<br />
member of ICANN’s Security <strong>and</strong> Stability Advisory Committee (SSAC), <strong>and</strong> was the Chair<br />
of ICANN's Registration Abuse Policy Work<strong>in</strong>g Group (RAPWG). Greg also serves a Co-Chair<br />
of the Anti-<strong>Phish<strong>in</strong>g</strong> Work<strong>in</strong>g Group’s Internet Policy Committee. He was previously the<br />
Director of Key Account Management <strong>and</strong> <strong>Doma<strong>in</strong></strong> Security at Afilias (www.afilias.<strong>in</strong>fo). In<br />
2010, Greg accepted an OTA Excellence <strong>in</strong> Onl<strong>in</strong>e Trust Award for Afilias’ anti-abuse<br />
programs. Greg has advised governments, ccTLD operators, <strong>and</strong> ICANN regard<strong>in</strong>g registry<br />
policies <strong>and</strong> operations, <strong>and</strong> he oversaw the launches of the .MOBI, .IN, <strong>and</strong> .ME TLDs. He<br />
also has significant experience with Sunrises <strong>and</strong> Internationalized <strong>Doma<strong>in</strong></strong> <strong>Name</strong>s (IDNs).<br />
Greg is a magna cum laude graduate of the University of Pennsylvania.<br />
Rod Rasmussen is President <strong>and</strong> CTO of Internet Identity (www.<strong>in</strong>ternetidentity.com), <strong>and</strong><br />
has served as its technical leader s<strong>in</strong>ce he co-founded the company <strong>in</strong> 2001. He is widely<br />
recognized as a lead<strong>in</strong>g expert on the abuse of the doma<strong>in</strong> name system by crim<strong>in</strong>als.<br />
Rasmussen is co-chair of the Anti-<strong>Phish<strong>in</strong>g</strong> Work<strong>in</strong>g Group's (APWG) Internet Policy<br />
Committee <strong>and</strong> serves as the APWG's Industry Liaison, represent<strong>in</strong>g <strong>and</strong> speak<strong>in</strong>g on<br />
behalf of the organization at events around the world. In this role, he works closely with<br />
ICANN, the <strong>in</strong>ternational oversight body for doma<strong>in</strong> names, <strong>and</strong> is a member of<br />
ICANN's Security <strong>and</strong> Stability Advisory Committee (SSAC). Rasmussen is a member of<br />
the Onl<strong>in</strong>e Trust Alliance's (OTA) Steer<strong>in</strong>g Committee <strong>and</strong> was appo<strong>in</strong>ted to the FCC's<br />
Communications Security, Reliability <strong>and</strong> Interoperability Council (FCC CSRIC). He is also an<br />
active member of the Digital PhishNet, a collaboration between <strong>in</strong>dustry <strong>and</strong><br />
law enforcement, <strong>and</strong> is an active participant <strong>in</strong> the Messag<strong>in</strong>g Anti-Abuse Work<strong>in</strong>g Group<br />
(MAAWG), <strong>and</strong> is IID's FIRST representative (Forum of Incident Response <strong>and</strong> Security<br />
Teams). He also is a regular participant <strong>in</strong> DNS-OARC meet<strong>in</strong>gs, the worldwide organization<br />
for major DNS operators, registries <strong>and</strong> <strong>in</strong>terested parties, <strong>and</strong> <strong>in</strong> ICANN's series of DNS<br />
Security, Stability, <strong>and</strong> Resiliency Symposiums. Rasmussen earned an MBA from the Haas<br />
School of Bus<strong>in</strong>ess at UC-Berkeley <strong>and</strong> holds two bachelor's degrees, <strong>in</strong> Economics <strong>and</strong><br />
Computer Science, from the University of Rochester.<br />
#<br />
An APWG Industry Advisory<br />
http://www.apwg.org ● <strong>in</strong>fo@apwg.org<br />
PMB 246, 405 Waltham Street, Lex<strong>in</strong>gton MA USA 02421<br />
30