> **Source: [研报客](https://pc.yanbaoke.cn)**

# Summary of "Fighting Cyber-Enabled Fraud: A Systemic Defence Approach"

## Core Content

This white paper by the World Economic Forum and the Institute for Security and Technology (IST) outlines a systemic approach to combatting phishing and cyber-enabled fraud. It emphasizes the need for a coordinated, multistakeholder effort to shift responsibility upstream, from end users and SMEs to the foundational digital infrastructure providers. The paper presents a three-pillar framework: **Prevention**, **Protection**, and **Mitigation**, each designed to address a different aspect of the threat landscape and to enhance the resilience of the digital ecosystem.

## Main Points

- **Phishing and Cyber-Enabled Fraud are Growing Threats**:
  - These threats have escalated significantly, with losses exceeding \$1 trillion in 2024.
  - They are becoming more sophisticated, leveraging AI and transnational networks.
  - Phishing remains the backbone of these attacks, with a variety of delivery methods including email, SMS, and voice calls.
- **Systemic Defence Framework**:
  - The framework aims to prevent, protect, and mitigate cyber-enabled fraud across the digital ecosystem.
  - It is positioned between public awareness initiatives and law enforcement disruption campaigns, focusing on structural and policy interventions.
- **Three Pillars of Systemic Defence**:
  1. **Prevention**: Reducing the ability of bad actors to acquire or operate digital infrastructure for malicious purposes.
  2. **Protection**: Embedding user safety into consumer-facing services through proactive and scalable solutions.
  3. **Mitigation**: Enabling rapid and collective response to cyber threats through signal sharing and AI-assisted threat detection.

## Key Information

### Prevention

- **Upstream Infrastructure Services**: These include backbone ISPs, DNS, PKI, web hosting, and CDNs.
- **Domain Registration and Abuse**: Cybercriminals exploit domain registration services, often through automation and bulk registration.
  - In 2024, over 8.6 million unique domains were used in cyberattacks, an 81% increase from the previous year.
  - A mere 20 registrars out of over 3,000 accounted for nearly 84% of maliciously registered domains.
- **Subdomains**: Used in a significant portion of phishing attacks, with 24% to 36.27% of attacks using subdomains.
- **Reverse Proxy Services**: Provide anonymity and legitimacy to phishing infrastructure, masking the true origin of malicious websites.
- **Automation and APIs**: Enable rapid deployment of phishing infrastructure, increasing the scale and speed of attacks.
- **Domain Hijacking**: Through account takeover, attackers can seize control of domains to launch phishing campaigns and other fraud activities.

### Protection

- **Consumer-Facing Services**: Services such as email, browsers, and messaging platforms must be designed with user safety in mind.
- **National Coordination Hubs**: Governments can drive adoption of security measures and provide incentives to enhance digital safety.
- **Proactive Safeguards**: These include alerts, shielding, and empowering users against fraud and phishing.

### Mitigation

- **Ecosystem-Wide Signal Sharing**: Involves the exchange of verified, privacy-preserving indicators of abuse.
- **Incentives for Stakeholders**: Promote effective action against cyber threats.
- **AI-Assisted Threat Detection**: Enhances collaboration and enables rapid response to contain sophisticated criminal infrastructures.

## Conclusion

- The paper calls for collective, forward-leaning action to strengthen the digital ecosystem against cyber-enabled fraud.
- It highlights the importance of collaboration among governments, businesses, and individuals, as well as the need for policy reforms and improved coordination.
- By shifting responsibility upstream and enhancing systemic defences, the digital ecosystem can be made more secure and resilient.

## Technical Terms

- **Phishing-as-a-Service (PhaaS)**: A subset of crime-as-a-service (CaaS) that provides pre-built phishing tools and platforms.
- **Domain Name System (DNS)**: A system that translates domain names into IP addresses.
- **Public Key Infrastructure (PKI)**: A framework for creating, managing, distributing, and using digital certificates.
- **Reverse Proxy Services**: Used to mask the origin of malicious websites and provide anonymity.
- **Generative AI**: Used to create more convincing and effective phishing attacks.

This white paper serves as a call to action for all stakeholders to work together in building a more secure and resilient digital ecosystem.