First published: 31st May 2007
Speaking at the AusCERT conference, Peter Cassidy, secretary general of the Anti-Phishing Working Group (APWG), has announced the Incident Object Description Exchange Format (IODEF) XML Schema will be recognised by the IETF (Internet Engineering Task Force) in July. Mr Cassidy said that a structured data model was necessary to ease reporting, "For example, a Korean CERT (Computer Emergency Response Team) reporting an incident can send it to a French Bank".
The APWG has been collecting data on phishing since 2003, and is currently seeing 2.5 million attack records and 13.5 thousand URLs added to their databse every month. The average time-to-live of a phishing site is currently four days, down from over a week when the APWG was formed, however Cassidy believes that can be improved to just one day.