LLMpedia: The first transparent, open encyclopedia generated by LLMs

Anti-Phishing Working Group

Generated by GPT-5-mini
Note: This article was automatically generated by a large language model (LLM) from purely parametric knowledge (no retrieval). It may contain inaccuracies or hallucinations. This encyclopedia is part of a research project currently under review.
Name: Anti-Phishing Working Group
Founded: 2003
Location: Global

The Anti-Phishing Working Group is an international coalition focused on combating phishing, cybercrime, and identity theft through information sharing, best practices, and technical countermeasures. It brings together stakeholders from technology companies, financial institutions, telecom operators, and law enforcement to address online fraud, collaborating with entities across continents to improve detection and takedown of malicious infrastructure.

History

The initiative emerged in 2003 amid coordinated responses to widespread phishing campaigns affecting Microsoft, eBay, Bank of America, PayPal, and Yahoo!. Early collaborators included personnel from AOL, VeriSign, Visa, Mastercard, and American Express, who sought to unify efforts with investigators from the Federal Bureau of Investigation, the United States Secret Service, Europol, and Interpol. The group’s formation followed high-profile incidents that also involved actors linked to breaches associated with TJX Companies and campaigns exploiting vulnerabilities publicized after disclosures by Bruce Schneier and advisories from the CERT Coordination Center. Over time the coalition expanded engagement with technology providers such as Google, Microsoft Azure, Amazon Web Services, and Cloudflare while aligning takedown practices influenced by precedents set in responses to campaigns tied to Silk Road-era investigations.

Mission and Objectives

The organization aims to reduce the success of phishing attacks by promoting coordinated responses among stakeholders including financial firms like Citibank and Wells Fargo, email providers such as Gmail and Outlook.com, and security vendors including Symantec and McAfee. Objectives encompass developing standards adopted by registries like ICANN-affiliated operators, supporting law enforcement actions exemplified by operations led by the FBI Cyber Division and Europol EC3, and facilitating public awareness campaigns similar in scope to initiatives by the FTC and NortonLifeLock. The group prioritizes rapid information exchange, best-practice dissemination used by institutions like SWIFT and NASDAQ, and cross-border collaboration modeled on frameworks used in Five Eyes intelligence partnerships.

Membership and Governance

Membership comprises corporations, academic institutions, and enforcement bodies such as Stanford University, Massachusetts Institute of Technology, Carnegie Mellon University, Kaspersky Lab, and Trend Micro. Governance has included advisory input from executives formerly of PayPal and legal counsel with histories at firms representing clients before the US Court of Appeals for the Ninth Circuit and the European Court of Justice. Board and committee structures draw on corporate governance practices seen at Cisco Systems and IBM, with working groups organized around technical standards familiar to contributors such as the IETF and W3C. Members coordinate liaison with national authorities including the Department of Homeland Security and ministries in jurisdictions represented by G7 and European Union delegations.

Activities and Initiatives

Operational activities include maintaining feeds of malicious URLs and domains used in campaigns affecting customers of HSBC, Barclays, Deutsche Bank, and Santander, and coordinating takedowns with registrars influenced by policy discussions involving ICANN and IANA. The coalition runs incident response workflows akin to practices at CERT-UK and organizes training modeled on programs by the SANS Institute and ENISA. Initiatives have included consumer education outreach comparable to efforts by the Better Business Bureau and Consumer Reports, as well as pilot projects testing authentication techniques championed by the FIDO Alliance and cryptographic approaches referenced by researchers at RSA Conference and Black Hat USA.

Research and Publications

The group publishes metrics, threat reports, and white papers analyzed alongside studies from MITRE, NIST, Google Threat Analysis Group, and academic outputs from the University of Cambridge and the University of Oxford. Reports aggregate data on phishing trends reported by members including PayPal, eBay, Mastercard, and Visa, and benchmark takedown effectiveness using methodologies comparable to those in publications from the RAND Corporation and Gartner. Research topics span domain abuse, email authentication standards such as DMARC, DKIM, and SPF, and investigations into criminal infrastructures similar to analyses published by Trace Labs and Chainalysis.

Partnerships and Outreach

Partnerships extend to international enforcement collaborations with INTERPOL, Europol, and national agencies like the FBI and the NCA (United Kingdom), while industry alliances include ICANN, the FIDO Alliance, and security vendors like Symantec and CrowdStrike. Outreach involves conferences and panels at events such as RSA Conference, Black Hat USA, DEF CON, and regional forums hosted by APWG-ROT partners, and educational cooperation with universities including Carnegie Mellon University and Stanford University. The coalition also liaises with standards bodies like the IETF and W3C to influence protocols and with financial consortiums such as SWIFT and the ABA to refine incident reporting and consumer protections.
