The APWG’s Internet Policy Committee (APWG-IPC) and the Carnegie Mellon Cylab Usable Privacy and Security Laboratory (CUPS) have joined forces to educate consumers about phishing and established the APWG/CMU Phishing Education Landing Page program. The goal of this initiative is to instruct consumers on online safety at the “most teachable moment”: when they have just clicked on a link in a phishing communication.
The phishing education landing page answers in 21 languages. Scripts interrogate users' browswer setting and serve up the right version.
Here’s how it works:
- The APWG-IPC and CMU’s CUPS created a webpage to educate users about phishing. The page (click here) explains that they have just fallen for a phishing communication (email or otherwise) and advises consumers and enterprise users ways they can help themselves to avoid being victimized in the future.
- As part of the process for shutting down a phishing website, we are asking ISPs, registrars, and anyone else who has control of the phishing page to redirect visitors to phishing websites to the Phishing Education Landing Page at http://education.apwg.org/r
The APWG-IPC created a separate webpage that will help the manager of the company whose servers have been co-opted for use in phishing attack learn how to initialize redirects to the APWG/CMU education page (click here)
The APWG and CMU’s CUPS encourages all brand owners to approve this process, all takedown providers to request the use of this redirect scheme, and all ISPs, registrars, registries, etc. to redirect to this page instead of serving an error page.
If you would like to learn more about this initiative, please contact us at: firstname.lastname@example.org