APWG Incident Response Plan For Hacked Websites

I discovered today an important resource for all webmasters or site owners who fall prey to a hacking attack initiated by phishing groups.

What to Do If Your Website Has Been Hacked by Phishers
is an extensive guide written by APWG experts and contributing researchers from FBI, Microsoft, Google, Universities and Banks.

The guide walks the phishing attack response plan step by step providing valuable tips and suggestions on how to handle a phishing hacking incident responsibly

  • Identification
  • Reporting (Notification)
  • Containment
  • Recovery
  • Follow-up

On paper, the plan looks good , but I have my doubts that webmasters will keep their cool and not delete the phishing website once they find out about it.

Read the whole guide here (PDF)

Thank you for reading this post. You can now Read Comments (3) or Leave A Trackback. Print This Post Print This Post

3 Responses to “APWG Incident Response Plan For Hacked Websites

  • 1
    March 3rd, 2009 16:17

    Interesting guide, even if useful such scenarios are pretty rare. And I think we’re gradually loosing focus from the phising threat. If we would like to truly diminish it we should focus more on informing the end user about it and how to protect against it, because a large amount (vast majority) of phising attacks are based on social engineering.

  • 2
    ZACHARY - Hotéis Em Lisboa
    April 25th, 2009 02:56

    Thanks for this presentation if the guide. I think nowadays a lot of people are worried about wat to do if the Website has been hacked by phishers. I’m worried about phishing attacks too. I would like to truly diminish them

  • 3
    Tort King
    June 10th, 2009 21:34

    LOL, NO ONE could hack my site. I do all the security myself. beatthecourt.com

Subscribe without commenting

Leave a Reply

Note: Any comments are permitted only because the site owner is letting you post, and any comments will be removed for any reason at the absolute discretion of the site owner.

CommentLuv badge