Report Phishing
Vendor Solutions
Consumer Advice
 
 - Home
 - Report Phishing
 - APWG Events
 - Resources
 - eCrime & Phishing News
 - Phishing Education
 - Crimeware Map
 - JOIN THE APWG
 - APWG Member Site
 - Contact Us
 
 
 
 

The APWG is pleased to present eCrime 2012, a combined event that includes the 2012 Fall General Meeting, eCrime Researchers Summit, and ICANN DNS Security, Stability and Resiliency Symposium. No eCrime or malware researcher or counter-eCrime developer or responder will want to miss this year's event. Please join us at this opportunity to bring yourself up-to-date on phishing and eCrime's evolution across the globe. Count on three full days of cutting presentations on eCrime and eCrime response, expert discussions and in-depth round-tables with updates on APWG projects in development for the counter eCrime community. As well, we will look into the future of the APWG's development and for guidance on managing it from our eclectic member base.

This eCrime Congress will include a one-day, members-only meeting on October 22nd and two full days of open sessions thereafter of programming that will be open to both members and non-members. APWG will examine crimeware's evolution, behavioral vulnerabilities and human factors that contribute to eCrime's success, the roles of Registrars, Registries and DNS in managing phishing attacks, public health approaches to managing the eCrime scourge, as well as breaking news on counter-eCrime efforts and resources.

APWG Members and Non-Members Please Note: The sessions at the Fall General Meeting on October 22nd are open to APWG Members Only. APWG organizers will vet all registrants that sign up for the conference. Interlopers will not be accommodated. The subsequent eCrime Researchers Summit sessions on October 23 and 24 is a public event open to all. If you haven't already, check membership rules and benefits at: http://www.apwg.org/membership.html Members at the individual level and above are eligible to attend the General Members' meetings.

 
Platinum Sponsor



 

Silver Level Sponsors Bronze Sponsor
PIR PIR

Wombat
CERT/SEI
Program Partners

OAS

STOP. THINK. CONNECT.

Technical Sponsor
and
2012 eCrime Fighter Scholarship Patron
IEEE

 

 
**  Click Here to Register for this combined event  **
 

Get Full details on the eCrime Researchers Summit and it's separate Call For Papers here
eCrime Researchers Summit


View the Current Working Agenda Here
 

Call for Presentations
APWG members, research partner and correspondents are invited and encouraged to submit their proposals for presentations and panel discussions to the APWG Program Committee at proposals@apwg.org.
 
Logistics
Venue:

This years event will be hosted in the beautiful El Conquistador Resort in Las Croabas, Puerto Rico. This all inclusive resort includes a water park, 18-hole Arthur Mills Golf Course, a casino, horseback riding and it's own private island and beach.


El Conquistador Resort & Conference Center

Las Croabas, Puerto Rico - USA
T 787-863-1000


The APWG has arranged with the hotel to provide a discounted rate for attendees during the event. This discounted rate of $160 per night is available from October 19th through the 27h. The group code is APWG10.
Use this link to register at the discounted group rate.
This rate does not include sales tax, a one time $10 portage and daily $3 attendant fee.
 

Vendor Sponsorship Opportunities

APWG is offering an opportunity to build relationships while marketing your company to a targeted audience of security, messaging and financial professionals. Sponsorships are a personal, non-intrusive way of conveying your message. Additionally, your participation can help support activities vital to the overall success of the APWG and its research partners, which ultimately contributes to the success of the entire counter-phishing stakeholders' community.

The following benefits are available to Meeting Sponsors, once your sponsorship is confirmed:

- Recognition in on-site signage displayed during the meal or break
- Distribution of one giveaway such as a literature pack or chotchkee

There are a number of meal, break and entertainment sponsorship opportunities available for APWG members who want to use this meetings as an opportunity to communicate their brand and message to members of the APWG and presenters, each either a critical decision maker or a thought leader in his or her own right.

Please contact Deputy-Secretary Foy Shiver for details via email at fshiver [at] apwg.org.

Working Agenda
     (* NOTE: This agenda is a work in progress, expect it to change often till early October when things start to come together. You can see a sample agenda from last years event in San Diego HERE *)
  Sunday, 21 October

16:30

Early Bird Registration
 

We will open the registration desk for a few hours Sunday before the Meet & Greet.

 

Early Bird Meet and Greet

17:30

Early Bird Meet and Greet Reception

Join us to start our discussions and meet the other attendees at a reception on the terrace upstairs on the Mirador level.
Sponsored by PIR

   
  Monday,22 October
General Members Meeting
 

 
** Monday's agenda is restricted to APWG Members and Invited Guest Only. **
 

08:00

Registration & Coffee

09:00

Welcome and Opening Remarks

 

Welcome from APWG & Status Updates

Peter Cassidy
APWG

 

APWG Cybercrime Assessment

09:10

Threats Without Frontiers

Dave Jevans
APWG

09:40

APWG Europe: Promise and Potential of Intercontinental Cybercrime Engagement

Jorge Aguila Vila
CaixaBank

09:50

APWG eCrime Exchange: A Forensic Collaboration Nexus for Cybercrime Event Data Induction, Exchange and Processing

Mike D'Ambrogia
APWG

10:10 Break
 

APWG Plenary Morning Sessions

10:30

Mobile Threats: Going Where the Money Is

Etay Maor
RSA

11:00

Mobile Apps sandboxing and monitoring with Aurasium

Hassen Saidi (*remote presention*)
SRI International

11:30

Mobile Intrusion: From State Sponsorship to the Cybercrime Plexus

Jart Armin
HostExploit

 

APWG Mobile Panel

12:00

Moderator:
Jart Armin
HostExploit

Panel:
Etay Maor
RSA

Kurt Wescoe
Wombat Security Technologies

Dave Jevans
APWG

12:30 Lunch
 

APWG Cybercrime Data Discussion

13:30

Announcing the APWG Accredited Reporter Cybercrime Data Submission Program

Dave Jevans
APWG

14:00

URL Block List 2.0 - Expanding Data Sets for Precision Reporting and Deeper Data Mining

Pat Cain
APWG

14:30

Data Exchange Policy- Avoiding the Zero-Sum Trap

Erin Kenneally
eLCHEMY, Inc.

15:00 Break
 

Botnet Mitigation Panel

15:30

   Moderator:
   Don Blumenthal
   PIR

Panel:
Michael Hausding
SWITCH
Ben Butler
GoDaddy
Pat Cain
APWG

 

 

 

16:30 Closing Announcements Day One
 

 

Foy Shiver
APWG
17:00

APWG Steering Committee Meeting

 

Attendees from current APWG Steering Committee member organizations are invited to attend this meeting. Expect the meeting to run about 2 hours.

19:00

Speaker & Steering Committee Dinner

 

Presenters at this years CeCOS are invited to join the APWG Steering Committee and Staff for dinner. Details will be announced Monday during the meeting.

   
  Tuesday, 23 October
eCrime Researchers Summit Day 1
 
08:30

Registration & Coffee

 

Welcome and Opening Remarks

09:00

Welcome from APWG

Saeed Abu-Nimeh
APWG eCrime Researchers Summit Co-Chair

 

eCrime Research Programs Review and Announcements

09:15

Announcing the APWG eCrime Research Scientific Advisory Board Program

 
 

Panel:
Saeed Abu-Nimeh
APWG eCrime Researchers Summit Co-Chair

Shawn Loveland
Microsoft

 

The Technologies and Tools of eCrime Forensics

09:30

Shylock: an end-to-end cybercrime organization

Peter Kruse
CSIS

10:10

The ZueS Blitz Strategy

Brad Wardman
PayPal

10:45 Break
11:15

Linking Crimeware to the Criminals

Saeed Abu-Nimeh
PayPal

 

Behavioral Aspects and Human Factors in Cybercrime Management

11:45

PhishAri: Automatic Realtime Phishing Detection on Twitter

Anupama Aggarwal
Indaraprastha Institute of Information Technology

Ashwin Rajadesingan
Arizona State University

Ponnurangam Kumaraguru
Indraprastha Institute of Information Technology

12:10

Does Context Influence Responses to Firewall Warnings?

Muhammad Mahmoud
Carleton University

Sonia Chiasson
Carleton University

Ashraf Matrawy
Carleton University

12:30 Lunch
13:30

Explaining Cybercrime through the Lens of Differential Association Theory

Rachel Levin
The College of New Jersey

Jonathan Richardson
Northern Kentucky University

Gary Warner, Kent R Kerley
University of Alabama at Birmingham

 

The Technologies and Tools of Cybercrime Response and Management

14:00

Discovering Phishing Dropboxes Using Email Metadata

Tyler Moore
Southern Methodist Univeristy

Richard Clayton
Cambridge University

14:30

Investigative Response Modeling and Predictive Data Collection

Dan Moor
Hewlett Packard

S. Raj Rajagopalan
Hewlett Packard

Sathya Chandran Sundaramurthy, Xinming Ou
Kansas State University

15:00 Break
 

Internet Policy Committee - Programs in Development Review

15:30

   Moderator:
   Rod Rasmussen
   InternetIdentity

 
 

The Global Phishing Report
on Abuse of TLDs

Greg Aaron
Afilias

Rod Rasmussen
InternetIdentity

16:30 Closing Announcements
 

 

Foy Shiver
APWG
19:00

Dinner & Awards

 

Please join us Tuesday night for this years CeCOS VII Networking Dinner and Annual Awards presentation. We will have a casual evening to include the Annual Best Paper with time to continue our discussions from today's different presentations.

     
  Wednesday, 24 October
eCrime Researchers Summit Day 2
 
09:00 Registratrion & Coffee
09:30

APWG Global Response Roundtable
The Challenge and Promise of Globalized Online Awareness Messaging

 

   Moderator:
   Peter Cassidy
   APWG

Panel:
Amy Jarrette
Public Safety Canada

Aury M. Curbelo Ruiz
University of Puerto Rico

Kim Sanchez
Microsoft

Brian Sullivan
Organization of American States

10:15

How Do Consumers React to Cybercrime?

Rainer Boehme
Universit√§t M√ľnster

Tyler Moore
Southern Methodist University

10:45

There Is A Scam for Everyone: Critical Trends in Internet Fraud Solicitations

Jon Rusch
US Justice Department

11:15 Break
11:45

Dual Canonicalization: An Answer to the Homograph Attack

James Helfrich
Brigham Young University

12:15

APWG Malicious Domain Suspension Program

Mike D'Ambrogia
APWG

12:40 Lunch
13:30

eCRS Research In Progress:
A Crime Classification System to Improve eCrime Reporting, Metrics, and Response

Pat Cain
APWG

  Cybercrime and the Internet Infrastructure
13:50

Identity Federation as Fraud Metadata Beat Cop

Joni Brennan
Kantara Initiative

14:30

An Integrated Approach to Analyzing Malware and Abusive Domains

Chris Davis
ICANN

15:00 Break
15:30

APWG Global Response Roundtable
Data Sharing Agonistes: Challenges for Cybercrime Responders and Investigators Beyond Static Record Exchange

 

   Moderator:
   Wes Young
   REN-ISAC

Panel:
Tom Millar
US-CERT (Invited)

Dave Jevans
APWG

Rod Rasmussen
InternetIdentity

16:30 Closing Announcements
 

 

Foy Shiver
APWG
     
17:00 BOF's
 

eCrime Research Summit Development and Management Meeting

 
     
Thursday, 25 October  
     
  The Fourth Symposium on Global DNS Stability, Security and Resiliency
 

The fourth Global Annual Symposium on DNS-SSR will focus on the abuse or misuse of the DNS and domain registration systems. Holding the DNS-SSR in conjunction with the APWG eCrime 2012 conference creates a unique opportunity to engage the security and operations communities alongside DNS ecosystem stakeholder groups in discussions on operational and policy open issues and challenges related to the DNS abuse or misuse. The symposium takes the place under Chatham house rule, allowing for open discussion, and will culminate in the production of a report.

See previous reports at:
http://www.gtisc.gatech.edu/pdf/DNS_SSR_Symposium_Summary_Report.pdf
https://www.icann.org/en/about/staff/security/ssr/dns-ssr-symposium-report-1-03feb10-en.pdf
http://www.gcsec.org/sites/default/files/files/DNS_SSR3_REPORT_20120210.pdf

     
07:30 Registration
08:30 Opening Remarks
 

Keynote:

TBD

 

Morning Session:
Role of the Domain Name System in E Crime Topic: Do we have a clear definition of "Misuse" when related to the Domain Names and the DNS? Is it distinguishable from "Abuse of DNS"? Are the means to mitigate misuse different from those to mitigate abuse?

12:00 Lunch
13:30

Afternoon Session:
Many organizations produce lists of domain names (or hyperlinks) that they have investigated and determined to be "abusive" or used in association with criminal activities. What are the current mechanisms for classifying and distributing such data? Are conventions or practices for normalizing these data worthwhile? Can these facilitate accessibility and utility?

16:30 Closing Recap
     
     
18:30 Evening Reception and continuing discussions