Inglés Español Portuguese
Report Phishing
Vendor Solutions
Consumer Advice
 - Home
 - Report Phishing
 - APWG Events
 - Resources
 - eCrime & Phishing News
 - Phishing Education
 - Crimeware Map
 - APWG Member Site
 - Contact Us

APWG Global
Research Partners

 click here for a full listing

  Program Partner and Principal
Platinum Sponsor Gold Sponsor Silver Sponsors





   * Register Here *
Note: A discounted Student and University Staff registration rate is available.
Contact for details

Meeting Focus

The fourth annual Counter-eCrime Operations Summit (CeCOS IV) will engage questions of operational challenges and the development of common resources for the first responders and forensic professionals who protect consumers and enterprises from the ecrime threat every day. This year's meeting will focus on the development of response paradigms and resources for counter-ecrime managers and forensic professionals. Presenters will proffer case studies of national and regional economies under attack, narratives of successful trans-national forensic cooperation as well as models for cooperation and unified response against ecrime and data resources for forensic activities.

This is an important opportunity for stakeholders to meet, define common goals and to plan the harmonization of resources for the global counter-ecrime effort. If you are an information security professional, law enforcement officer, counter-ecrime technology developer, CISO/Security manager, (military or corporate) intelligence officer, policy analyst, technologist, legislator, legislative researcher, industrial standards author, corporate security manager, private investigator or academic/industrial researcher in ecrime you should attend this summit.

The program will be spread across a three-day conference event on May 11, 12 and 13 in Sãu Paulo, Brazil at the Blue Tree Towers Morumbi Hotel. The APWG believes under-appreciated operational issues are important enough to be the focus of a conference dedicated exclusively to them. They're often talked about as sidelights but rarely addressed directly as an organizational imperative for the entire counter-ecrime community. CeCOS IV makes those operational issue the central focus of the program for the benefit of all ecrime fighters.

Program Overview

Presentations at the opening of the program will be delivered by ecrime responders within the APWG, its Global Research Partners and law enforcement personnel who will discuss national and regional ecrime trends and individual case studies about resolving specific electronic crime cases. Presenters will come from the ranks of private industry, private security companies, public law enforcement agencies, government agencies and national Computer Emergency Response Teams (CERT). True crime stories will be balanced with instruction about the skills the responders exercise as well as the data and tools employed to resolve phishing attacks.

APWG principals, research fellows and Global Research Partners will detail survey the eCrime landscape and present proposals for organizing global responses that will harmonize efforts of eCrime respondents and organize the work of securing the global network infrastructure. Furthermore, presenters will examine the development ecrime data exchange specifications and how they can be employed to optimize counter-ecrime applications. Presentations about industrial policy at CeCOS IV will investigate industrial policies that complicate the work of exploited brandholders and responders - such as the segments of domain name system (DNS) registration process that is abused by phishers as part of their phishing campaigns.

Program Deliverables

Though instruction is always an APWG priority, the other defining goal is to identify common forensic needs - in terms the data, tools and communications protocols that are required to inform and facilitate time-sensitive communications between counter-ecrime stakeholders.

APWG has surveyed a lot of proposals and all have merit but required some harmonization of effort in order to make them maximally useful. APWG hopes that at the end of the program, the ensuing dialog will produce defined projects to organize data, tools and communications protocols that are required by the larger counter-ecrime community.

Working Agenda
** Translation services will be provided during the event. **

  This years program will include three days of session content and working panels. We will attempt to keep the detail below as up-to-date as possible.  
  Tuesday, May 11  
08:00 Registration Desk Opens
09:00 Conference Introduction


Peter Cassidy
Secretary General

  The Global eCrime Outlook    
09:10 National report
Cristine Hoepers
    German National Field Report Mirko Manske
Bundeskriminalamt Wiesbaden
    UAE National Field Report Ahmad Hassan
United Arab Emirates CERT
    Malaysia National Report and Case Study
Adli Abd Wahid
Malaysia CERT (MyCERT)
CyberSecurity Malaysia

10:45 Break
  Desktop and Client-Side Threats    
11:15   Contemporary Crimeware Threats Against Bank Customers
Lucas Coronel
11:45   Mobile Phone Crimeware Vulnerabilities
Dr. Hassen Saidi
12:15   On iPhone eCrime Forensics
David Barroso
12:45 Lunch (included)
13:45   On Malvertising
Gary Warner
University of Alabama at Birmingham
14:15 Global Call to Action: 
Due Diligence in Domain Name Registrations

Bobby Flaim

Marcos Vinicius Garcia Lima
Brazilian Federal Police

  Behavioral Vulnerabilities and Human Factors    
14:45   March of Folly: The world of misunderstanding, miscommunication and missed opportunity in Computer Security

David Perry
TrendMicro, Inc.

Aryeh Goretsky

15:15 Break
15:45 Global Call to Action: 
The Online Consumer Security & Safety Messaging Convention A Pan-Industrial, International Effort to Guide and Advise Consumers
Mike Kaiser
National Cyber Safety Alliance
16:15   Statistical Analysis of Phished eMail Users, Intercepted by the APWG/CMU Phishing Education Landing Page
Jason Hong
Carnegie Mellon University / Wombat Security
16:45 Announcements and Closing day one    
17:30 APWG Steering Committee Meeting    
  All registered attendees from APWG Steering Committee member organizations are invited to attend this meeting. Expect the meeting to run about 1.5 hours. Peter Cassidy
Secretary General
  Wednesday, May 12
08:30 Registration Desk Opens  
09:00   Securing Silicon Beach: Dan Diego's *Securing Our eCity* Project
Darin Andersen
Aimee Larsen-Kirkpatrick
National Cyber Security Alliance
  Network Infrastructure    
09:30   DNS as eCrime Tracking Mechanism
Doug Miller
10:00   The Global Phishing Report on TLDs Featuring the Avalanche/Zeus Pas de Deux
Greg Aaron

Rod Rasmussen

10:30 Break
  eCrime and the Global Communications Infrastructure    
11:00   An Examination of the Use of Proxy/Private Registrations by Spammers and Phishers
Dave Piscitello
(Via Web Video Conference)
11:30   When Data Become Radar: Tracing Spammers and Phishers Through the Abuse of the Internet Infrastructure

Klaus Steding-Jessen

Wagner Meira Jr.

12:00   3G Dialers: A New Demon with an Old Scam
Leonardo AmorVicente
12:30 Lunch (included)
13:30 Global Call to Action:  The IODEF Extensions Test Pilot Program:
Desktop Exercises to Prove Value of Uniting eCrime Event Data
Pat Cain
14:00   Operation Mariposa:
The Inside Story of an Historic Botnet Takedown

Luis Corrons Granel
Panda Security
14:30   Cybercrime Investigations: Challenges and Perspectives

José Mariano de Araujo Filho
Chief of Police
São Paulo State Civil Police

15:15 Break
  eCrime and Law Enforcement    
15:45 Panel Discussion:
Bridging the Law Enforcement and Industry Divide


Pat Cain

Mirko Manske

Bundeskriminalamt Wiesbaden

Leslie D. Hoppey
FBI/Cyber Division, Internet Crime Complaint Center (IC3)

John LaCour

Luiz Firmino
HSBC Brazil

  The Technology and Techniques of eCrime Response    
16:30   Phishing Investigations: Taking Off the Blindfold
Application of Intelligence Analysis to Phishing

Gary Warner
University of Alabama at Birmingham
17:00   Hacking the Hacker: A Year of Stalking a Nigerian Phisher

John LaCour

17:30 Announcements and Closing day two    
19:00 Dinner with the APWG    
  All registered attendees are invited to join us for dinner on Wednesday night May 12th. After the scheduled session content for the day we will take a break then regroup for dinner. This is an opportunity to relax and get to know the APWG Staff, CeCOS Speakers and the other registered attendees.
  Thursday, May 13
  Counter eCrime Operations Policy in Action
09:00   Creating the Enterprise CSIRT: Building the eCrime Response Platform
Julio Ardita
9:30   Traceability and Enterprise Preparedness
Luiz Firmino
HSBC Brazil
  Network Forensics    
10:00   Automated Crime Provenance Tracking Through Phishing Kit Identification and Clustering
Brad Wardman
University of Alabama at Birmingham
10:30 Break
11:00   Abusive Domain Name Resolution Suspension Process Program

Peter Cassidy
Secretary General

11:30   A High-Performance Botnet Blacklist Engine For Financial Institutions

David Oro
Barcelona Digital Technology Centre

Marc Vilanova
e-la Caixa CSIRT

  Internet Policy Committee Projects Review  

Rod Rasmussen
IPC Co-Chair

Topics will include:
Phishing Education Landing Page
Web Server Vulnerabilities Survey and Analysis
Fax Back Program

12:40 Lunch (included)    
13:40 Panel Discussion:
Optimizing Global eCrime Operations: What's In the Way - and How Can Impedance Be Removed?

Rod Rasmussen

Patricia Prandini
University of Buenos Aires

Jacomo Piccolini
Brazilian Academic Research Network RNP

Peter Cassidy

14:30 Announcements andClosing day three    


Location, Transport and Accommodation Logistics


The 2010 Counter-eCrime Operations Summit is being held at the Blue Tree Towers Morumbi Convention Center located in São Paulo's business and financial center. There are two shopping malls and numerous restaurants within easy walking distance. This location also provides additional hotel options right next door providing rooms to fit any budget.

Blue Tree Towers Morumbi

 Blue Tree Towers Morumbi
 Avenida Roque Petroni Junior, 1000 / Brooklin
 Sao Paulo



We have contracted with the Blue Tree Towers Morumbi for the special dissounted rate of Discount rates: R$ 244.00 for a Single or R$ 271.00 Double. Breakfast is included with this rate. To reserve a room at this special rate please download the attached form and submit it directly to the hotel via fax.

For our budget minded attendees, within close proximity to the event hotel are two additional options for lodging. We present two choices to consider, both directly adjacent to the event hotel.

Ibis Sao Paulo Morumbi - Economy Hotel
Av Roque Petroni Jr, 800 - Torre I / Brooklin
Sao Paulo

Room rate: advertised rate for May as of 02/01/2010 was R$ 146.00 (add breakfast for R$ 11.00)

Reservation online:

Formule1 Sao Paulo Morumbi - Budget Hotel
Av Roque Petroni Jr, 800 / Brooklin
Sao Paulo

Room rate: advertised rate for May as of 02/01/2010 was R$ 99.00 (add breakfast for R$ 7.00)

Reservation online:

Official Supporter of CeCOS IV

São Paulo Guides and Tourist Information

São Paulo, Stay Another Day

São Paulo Convention & Visitors Bureau

City of São Paulo -- Oficial Tourism Site

São Paulo Brochures, Pocket Guides and Recommended Activities

City Tours

Tour Packages:
While attending this years event, if you travel plans allow you can enjoy these special packages from Enjoy Brazil


Call for Presentations

APWG members, research partner and correspondents are invited and encouraged to submit their proposals for presentations and panel discussions. Proposals should be in the form of a title and extended abstract. All proposals should be submitted to the APWG Program Committee at Abstracts will be accepted till Midnight Eastern Time on March 29, 2010.

The APWG CeCOS conferences investigate the modern phenomena of electronic crime from the point of view of the responder who must undertake forensic exercises to investigate the crimes and the managers who must protect consumers and enterprise computer and network users every day. CeCOS presenters discuss all aspects of electronic crime and ways to combat it.

Topics of interest include (but are not limited to):

  • Phishing, rogue-AV, pharming, click-fraud, crimeware, extortion and emerging attacks.
  • Technical, legal, political, social and psychological aspects of fraud and fraud prevention.
  • Malware, botnets, ecriminal/phishing gangs and collaboration, or money laundering.
  • Techniques to assess the risks and yields of attacks and the success rates of countermeasures.
  • Delivery techniques, including spam, voice mail and rank manipulation; and countermeasures.
  • Spoofing of different types, and applications to fraud.
  • Techniques to avoid detection, tracking and takedown; and ways to block such techniques.
  • Honeypot design, data mining, and forensic aspects of fraud prevention.
  • Design and evaluation of user interfaces in the context of fraud and network security.
  • Best practices related to digital forensics tools and techniques, investigative procedures, and evidence acquisition, handling and preservation.
Vendor Sponsorship Opportunities

APWG is offering an opportunity to build relationships while marketing your company to a targeted audience of security, messaging and financial professionals. Sponsorships are a personal, non-intrusive way of conveying your message. Additionally, your participation can help support activities vital to the overall success of the APWG and its research partners, which ultimately contributes to the success of the entire counter-eCrime stakeholders' community.

There are a sponsorship opportunities available for those who want to use this meetings as an opportunity to communicate their brand and message to APWG members, presenters and event attendees, each either a critical decision maker or a thought leader in his or her own right.

You may download the Sponsors Oportunities memo here:     

Please contact Deputy-Secretary Foy Shiver for details via email at fshiver [at]

Press Announcements

Below are press releases related to this event.

  • APWG Unites Global Electronic Crime Fighters in São Paulo May 2010
    English Portuguese