[gnso-rds-pdp-wg] [For Background] APWG report on phishers use of Domain Name System

[John Bambenek]

Thanks for chiming in and largely that was my point. I understand that several people have concerns about the privacy of registrants in whois. What I don't feel gets sufficient appreciation is that having access to whois data helps investigate and PREVENT large security and privacy risks. For instance, the recent malware outbreak that started in Ukraine (Petya/NotPetya). I can be more explicit on that when its over. 

--
John Bambenek

> On Jun 28, 2017, at 06:18, Rod Rasmussen <rod at rodrasmussen.com> wrote:
> 
> Thanks John - and let me point out that the authors are here at the meeting in JNB. :-)
> 
> Feel free to ping Greg or I on particular aspects of the report - especially if you’re here at the meeting and have some questions.  One thing I can assure you having done the lions’ share of the data “crunching” is that whois was an invaluable part of being able to deliver various stats, classify fraudulent domains vs. compromised ones, and determine providers of subdomain reselling services to name a few.  It was necessary to really make sense out of a lot of this data to deliver value to the community around how these activities are affecting various parties in the ecosystem.
> 
> Greg did a short post in CircleID on this as well:  http://www.circleid.com/posts/20170627_phishing_the_worst_of_times_in_the_dns/
> 
> Cheers,
> 
> Rod
> 
>> On Jun 27, 2017, at 9:42 AM, John Bambenek via gnso-rds-pdp-wg <gnso-rds-pdp-wg at icann.org> wrote:
>> 
>> http://docs.apwg.org/reports/APWG_Global_Phishing_Report_2015-2016.pdf
>> 
>> Relevant to our discussions.
>> 
>> -- 
>> --
>> 
>> John Bambenek
>> 
>> _______________________________________________
>> gnso-rds-pdp-wg mailing list
>> gnso-rds-pdp-wg at icann.org
>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>