The 2025 Symposium on Electronic Crime Research (eCrime 2025) examines essential factors for managing the impacts of the global cybercrime plexus to secure IT users, commercial enterprises, governments, critical infrastructures, and operational technologies. eCrime 2025 will be the 20th annual peer-reviewed, publishing symposium hosted by APWG
eCrime Venue: San Diego, California
Call for Papers
This year’s edition of eCrime is titled “Cybercrimes Only AI and Crimebots Can Dream Of”. Beyond soliciting research into cybercrime that inflicts financial losses, as the symposium has since 2006, eCrime 2025’s chairs are particularly interested in papers that address challenges in: cyber-physical systems and operational technologies; artificial intelligence; and the interaction between different system layers (such as socio-technical systems) that are employed or abused by cybercriminals for profit – and for advancement of larger criminal enterprises.
The IEEE Computer Society’s Technical Community on Security & Privacy Is Standing as Technical Sponsor of the APWG’s 2025 Symposium on Electronic Crime Research (eCrime 2025)
Solicited Topics Consonant With eCrime 2025’s Theme Include:
- Artificial Intelligence (AI) as criminal co-conspirator and defensive collaborator, such as:
- -> Malicious AI agents employed to perform enhanced malware polymorphism, agentic spearphishing, reconnaissance, etc.
- -> Development and maintenance of criminal co-pilots and the future of human-machine teaming, including hybridized human-crimebot cyber gangs.
- -> Are malicious AI tools lowering the skills barrier to commit more advanced cybercrimes?
- Adversarial AI (attacks directly against AIs and machine learning systems) as it relates to the furtherance of cybercrime or cyber-physical cybercrime — especially agents employed in security operations
- Defensive AI Agents deployed as cybersecurity operations managers and (autonomous and semi-autonomous) counter-cybercrime managers
- Design, deployment and assessment of multi-agent environments (MAEs) for enhancing resilience of infrastructure and systems to cybercrime
- Design, deployment and assessment of defences related to AI systems themselves (jailbreaks, injections, etc.)
- Actual, emerging or potential risks from AI systems deployed to animate cybercrimes against people, operational systems, IoT technologies, or physical spaces and objects
- Abuse of cyber-physical systems and operational technologies and downstream manipulation (extant, emerging or potential) for furtherance of crimes with physical manifestations, including:
- -> Drone and robot hijacking and weaponization;
- -> Criminal abuses and weaponization of medical and surgical systems;
- -> Criminal abuses and weaponization of IoT for domestic and commercial targeting;
- -> Criminal abuses and weaponization of autonomous vehicles and delivery robots
- AI and machine-learning system security to mitigate threats posed by advanced cybercriminal algorithms — and to guard against strategically misinforming and abusing them for criminal enterprises
- New research on policy, regulation, and law as they pertain to cybercrime of all types
Topics of general interest for submissions to eCrime 2025 are listed below, under the heading “Solicited Research Topics for APWG eCrime 2025.”
Important Dates (papers):
Full Paper registration / submission of full draft due: July 15st, 2025
Notification of acceptance: August 30th, 2025
Conference: November 4 – 7, 2025
Camera-ready paper due: November 30th, 2025
The selected peer-reviewed papers will be presented at the eCrime symposium along with panels and talks in General Sessions from other researchers selected from industrial and academic research centers correspondent with the APWG.
General Information
eCrime sessions and proceedings are in English.
The San Diego venue and accommodation details will be confirmed by mid 2025.
Please contact the APWG eCrime organizers for any other details via email at apwg_events@apwg.org.
Discounts
Students requiring discounts should contact symposium managers at apwg_events@apwg.org
IEEE members and partners requiring discounts should contact symposium managers at apwg_events@apwg.org
Discount codes are also available for university researchers, government personnel and law enforcement professionals from pubic-sector agencies as well as for IEEE members.
Please contact the APWG eCrime organizers for details via email at: apwg_events@apwg.org.
Solicited Research Topics for APWG eCrime 2025
Since 2006, APWG eCrime has cast its call for papers in relevant research disciplines, focusing in large part on financial crimes that abuse Internet technologies and IT to victimize users, enterprises and their brands.
From 2025 forward, APWG eCrime is also specifically soliciting original research on cyber-physical systems and operational technologies abused in the furtherance of any crime: cyber (digital) or manifested in physical spaces, such as homes, enterprises, roadways, public spaces and critical infrastructure.
eCrime’s curators define these cybercrimes as those that exploit, disrupt, or manipulate cyber-physical systems or operational technologies — systems that integrate control, feedback, and communication mechanisms across digital, mechanical, and biological domains.
The selected peer-reviewed papers will be presented at the eCrime symposium along with panels and talks in General Sessions from other researchers selected from industrial and academic research centers correspondent with the APWG.
Alongside this expanded topic spectrum, eCrime 2025 is also soliciting papers that speak to the following topics and issues:
Economic foundations of: cybercrime cyber-physical crimes; and other abuses of IT for criminal enterprise
Behavioural and psychosocial aspects of cybercrime; and cyber-physical system victimization and prevention
Emerging technological exposures, vulnerabilities, and risks
Architectural vulnerabilities (of products, operational technologies, infrastructures and cyber-physical systems) that advantage criminal actors
New or improved techniques to detect and respond to cybercrime and cyber-physical crimes of all types
How to accurately measure and understand the health and resilience of systems, networks, infrastructures and users against cybercrime
Addressing challenges of cybercrime’s increasing complexity (e.g. digital infrastructures, crime-fighting/forensic techniques, and the structure of the crimes themselves)
Measuring and modelling of cybercrime/cyber-physical system crimes and related criminal enterprises for operational protection routines
Measuring and modelling of cybercrime/cyber-physical system crimes and related criminal enterprises for informing rational underwriting instrumentation developed by commercial insurers
Analysis and modelling of the cybercrime and abuse risk landscape
Cybercrime/cyber-physical system crime payload delivery strategies and countermeasures (e.g. spam, mobile apps, social engineering, etc.)
Application of public policy and law for the programmatic suppression of common cybercrimes; crimes against or involving cyber-physical systems and related abuses
Policy and legal challenges as they relate to actually developing and sustaining anti-cybercrime practices and policies
Cryptocurrency crimes and related cybercrimes, and the forensic tools and techniques required to measure, prevent, and counter these crimes
Case studies of current cybercrime/cyber-physical system attack methods (e.g. phishing, malware, rogue antivirus programs, pharming, ransomware, crimeware, botnets, and emerging techniques)
Detecting and preventing abuse of internet infrastructure to neutralize cybercrimes/cyber-physical system crimes and abuses
Detecting and isolating cybercriminal gangs and their money laundering routines and enterprises
Cybercrime’s evolution in specific verticals (e.g. financial services, e-commerce, health and energy, etc.)
Cybercriminal cloaking techniques, and counter-cloaking tools and approaches
Design and evaluation of UI/UXs to neutralize fraud and enhance user security and cybercrime awareness
Novel methods for measuring cybercrime and related abuses for development of defensive routines and programs
Guidance for Authors
Submit papers here: https://ecrime2025.hotcrp.com
eCrime has adopted the IEEE publication format. Submissions should be in English, in PDF format with all fonts embedded, and formatted using the IEEE conference template, which can be found at:
http://www.ieee.org/conferences_events/conferences/publishing/templates.html.
Submissions must include author names and affiliations, but should otherwise be anonymized. Authors’ own work should be referred to in the third person.
Papers should not exceed 12 letter-sized pages, excluding the bibliography and appendices. Committee members are not required to read appendices, so ensure that the main paper is intelligible without them.
Submitted papers that do not adhere to all the above guidelines may be rejected without consideration of their merits.
Authors of accepted papers must register for the event and present in person. Remote presentations delivered live and/or pre-recorded presentations will be considered in limited circumstances (e.g. where the lead author presents remotely and a co-author attends in person).
Authors will be asked to indicate whether they would like their submissions to be considered for the Best Student Paper Award. Any paper co-authored by a full-time student is eligible for this award.
Authors of accepted papers must guarantee that their paper will be presented at the conference. APWG eCrime understands that some authors may face difficulties in obtaining funding to attend the conference. Therefore, a limited number of stipends are available for those who are unable to secure funding. Students who will present their accepted papers themselves will be given priority in receiving this assistance.
Call for Training Day Proposals
Are you an expert in a cybercrime research, cyber forensics or related investigation methods? Do you use a specialised resource/repository and want to show others how to use it too (or use it better)? Have you authored a new framework or modelling technique that you think more people should know about?
For the first time at eCrime 2025, APWG will feature a pre-conference eCrime Training Day for researchers and industry practitioners. Trainers will have the opportunity to discuss their areas of expertise with attendees on Monday, November 3, the day before the conference begins (on 4 November). These longer sessions are aimed at transferring skills and passing the torch to a new generation of researchers and practitioners.
Sessions could focus on a variety of relevant topics, such as:
How to collect, use, and analyse cybercrime data in investigations and/or research projects
How to investigate key data repositories, such as the DNS ecosystem, for research and investigations
New modelling methods for cyber threats, risks, and vulnerabilities
How to engage with policymakers as a cyber researcher or industry expert
An intro session for cybercrime researchers/investigators focusing on relevant security frameworks, standards, and best practices
Training session proposals should include:
Training session title
Trainer/artisan biographic description 3-6 sentences of direct relevance to topic space covered in the proposed session
Topic description of 3-6 sentences describing what the training session will cover and competencies it will cultivate
Audience: eCrime prefers sessions that any eCrime attendee could benefit from; however, please note if your session would especially benefit a specific audience (e.g. threat intelligence researcher)
Prerequisites: eCrime prefers training sessions that do not require any prerequisites; however, we may make an exception for a topic of particular merit or interest
Session length minimum of 1 hour, maximum of 3 hours. Please also indicate whether your session length is strict (i.e. if we receive many session proposals, or if a trainer drops out, would you be able to make your session longer or shorter)
Include all the information above in a Word or PDF document and upload to https://ecrime2025.hotcrp.com and title your submission with “PROPOSAL” followed by your session title (for example “PROPOSAL Using the OWASP model in SMEs”.)
A maximum of 4 training sessions will be offered.
Important Dates (eCrime Training Day proposals)
Deadline for Proposals: June 15st 2025
Notification of Acceptance: July 15st 2025
Anticipated time for each training session: 1 to 3 hours, with a preference for longer, in-depth sessions. If there is sufficient interest, we will consider running parallel sessions.
ORGANIZING COMMITTEE
Program Chair
Ebrima Ceesay
Mastercard
General Chair
Laurin Weissinger
(Tufts University)
Publications Chair
Miranda Bruce (University of Oxford)
Event Sponsors
Gold Sponsor
eCrime Reception Sponsor
Silver Sponsors
Bronze Sponsor
Founding Sponsor
NGO Research Partners
PROGRAM COMMITTEE
| Committee Member | Affiliation |
|---|---|
| Benoit Dupont | Universite de Montreal |
| Daniel Thomas | University of Strathclyde |
| Guy-Vincent Jordan | University of Ottawa |
| Ebrima Ceesay | Mastercard |
| Jean Dinco | GIFCT |
| Zinaida Benenson | Friedrich-Alexander-Universität |
| Laurin Weissinger | Tufts University |
| Samaneh Tajali | ICANN |
| Peter Cassidy | APWG |
| Tom Meurs | University of Twente |
| Yi Ting Chua | University of Tulsa |
| Roman Y. Sannikov | Constellation Cyber |
| Brad Wardman | Coinbase |
| Miranda Bruce | UNSW |