APWG in Pittsburgh and Fraud in Japan

gm2007logo.jpg The Anti-Phishing Working Group is having one of its periodic member meetings, this time in Pittsburgh. Probably I shouldn’t report too much detail, but I’ll say that interesting things are going on worldwide that may spread to other countries. For example, in Japan it seems that fake programming sites are more popular than phishing. Also, if I heard correctly, most phishing in the Japanese language originates from phishers in Japan. This would make sense, since it’s very hard for foreigners to write well enough to pretend to be Japanese. So that one probably won’t spread too widely, but the fake programming scam could.

My favorite is the history attack. World War II ended on 15 August 1945 in Japan, so a timeline of that war can get a lot of hits on a war’s end link in August of any year. Who would have known history could be so popular?

Meanwhile, during Carnival in Brazil, nobody reports malware, so there’s a dip in measurements…. Then and the rest of the year, sophisticated personalized social engineering attacks seem to be popular in Brazil.


4 thoughts on “APWG in Pittsburgh and Fraud in Japan

  1. Iang

    > Probably I shouldn’t report too much detail,…
    Why not? The attackers already know, it is only the victims who are kept in the dark.

  2. John Quarterman

    Oh, the usual: people feel free to talk freely because nobody’s taking names and publishing transcripts. Most of the talks you could find elsewhere, but a few are unusual and the combination of people and information is quite good.

  3. Iang

    Oh, so people would be embarrassed to have their words mis-reported or abused. Sure, so it is nothing to do with security.
    Some security researchers have identified that one of the biggest weapons we use to destroy our own security is the penchant for making everything secret. It’s about time to start revealing everything, because all the other things that have been tried haven’t worked.

  4. John Quarterman

    Right, it’s not because of security; it’s because of politics.
    I agree with you that secrecy is counter-productive. The problem is how do you get people to show up without some promise of privacy.
    Me, as I remarked numerous times at this and other gatherings, I’m in favor of reputation services. Some people view that as “name and shame”. I see it more as enabling evolution.

Comments are closed.