28 Oct APWG Provides Awareness and Alerting Utilities to Industry and Consumers for Cybersecurity Awareness Month 2022
APWG’s Counter-cybercrime R&D Forge Proffers Programs for Education, Awareness and Alerting Every Day of the Year
CAMBRIDGE, Mass., October 28, 2022
In support of Cybersecurity Awareness Month 2022, APWG is reminding all counter-cybercrime communities of the awareness, education and cybercrime-reporting utilities that the global association maintains for industry and consumers worldwide.
This year’s CSAM campaign theme — “See Yourself in Cyber“ — speaks directly to APWG cybercrime suppression objectives, including the CSAM imperative for 2022 to recognize and report phishing — a cybersecurity standard operating procedure (SOP) that APWG enabled programmatically in 2004 with its phishing mail reporting service — the same year CSAM was established by presidential declaration.
The APWG’s three awareness and education programs for industry and consumers support that the activist motivations of the CSAM 2022 campaign are:
- The APWG Report Phishing email phishing lure forwarding service to alert block list managers and cybercrime responders to phishing attacks’ source and landing pages.
- The APWG CMU Phishing Education Landing Page to instruct credulous users of best practices at the most teachable moment: when they have just clicked on a phishing link to a decommissioned phishing website.
- The STOP. THINK. CONNECT. cybersecurity awareness campaign of shared cybersecurity awareness messaging assets, launched in 25 national campaigns since its inaugural deployment in 2010 as the cybersecurity awareness campaign of the federal government of the United States.
Pull the Alarm: Report Phishing to email@example.com and Be the First to Point to the Bad Guys
The APWG Report Phishing forward program has routed billions of phishing email lures to industrial processes and analysts since it was formally established in 2004, a mechanism used by the general public, commercial enterprises, national governments and multilateral treaty organizations worldwide. Currently, the Report Phishing forward service processes a half million reports per month.
If you have received a suspicious or obviously malicious phishing email, you can forward those to APWG for analysis and processing by APWG member companies and institutions.
The best way to do this is to simply forward the suspected phishing email to firstname.lastname@example.org. Forwarding suspected phishing emails to APWG contributes directly to fraud and crime prevention services to protect users and track criminal activity.
If your email client supports the option to “Forward As Attachment,” please use it as this will provide APWG’s systems with more detail for our member institutions to trace and monitor phishing websites.
All data is handled responsibly and under contract with the APWG-vetted member community.
APWG Proffers Awareness Jujitsu for Web Hosting Industry: Replace Phishing Pages With Educational Messaging
In 2009, APWG and the Carnegie Mellon CyLab Usable Privacy and Security Laboratory (CUPS) established a redirect utility for ISPs that forwards users clicking on links to decommissioned phishing web pages to a special page of educational tips and advice.
The Phishing Education Landing Page replaces phishing pages with a redirect script that sends users to educational instruction when they click on phishing URLs — instead of a confusing and largely blank Error 404 message.
As part of the process for shutting down a phishing website, APWG requests that ISPs, registrars, and parties with control of a phishing page to redirect visitors to phishing websites to the Phishing Education Landing Page at http://education.apwg.org/r
The APWG CMU Phishing Education Landing Page has been in continuous operation since 2009, reminding millions of credulous consumers to take care in their web-borne travels. The educational messaging is presented in one of 21 languages, calibrated to the language settings of users’ browsers.
The STOP. THINK. CONNECT. Cybersecurity Awareness Campaign Provides Tested Messaging for Reminding Users of Best Cyber Practices
The STOP. THINK. CONNECT. program is a cybersecurity public awareness campaign of shared assets promoted by industry, NGOs and national government deployments — and through cooperative relationships with multilateral treaty organizations. Currently, the campaign is deployed in dozens of countries.
STOP. THINK. CONNECT. was conceived and initially proposed as a Messaging Convention by the APWG to its members in 2008 as a way to optimize user awareness and education by unifying the cybersecurity awareness messaging they receive and reducing the clutter of uncoordinated, inconsonant efforts.
The campaign has been deployed by cabinet ministries, national CERTs, government agencies and NGOs in some 25 nations — the first in the United States in 2010. Most recently, the Messaging Convention has completed cooperative agreements with ministries in South America and Central Asia. See: https://messagingconvention.org/national-curators
The STOP. THINK. CONNECT. slogan and badge and advisory suite is a complete package for a national, regional or localized cybersecurity awareness campaign and is offered at no cost and with no restriction on educational uses of the assets.