Cybercrime Information Center
Cybercrime record keeping for the Internet
Latest News
2024/10/23 - Malware Activity for 1 July 2024 thru 30 September 2024
2024/9/18 - Spam Activity for 1 June 2024 thru 31 August 2024
2024/8/13 - Phishing Trends: May 2024 - July 2024
2024/8/11 - Phishing Activity for 1 May 2024 thru 31 July 2024
2024/7/18 - Malware Activity for 1 April 2024 thru 30 June 2024
2024/6/21 - Spam Activity for 1 March 2024 thru 31 May 2024
2024/5/18 - Phishing Activity for 1 Febriary 2024 thru 30 April 2024
2024/4/20 - Malware Activity for 1 January 2024 thru 31 March 2024
2024/3/20 - Phishing Activity for 1 November 2023 thru 31 January 2024
2024/3/12 - Spam Activity for 1 December 2023 thru 29 February 2024
2024/2/16 - Malware-Activity for 1 October thru 31 December 2023
2024/1/7 - Phishing Activity for 1 August 2023 thru 31 October 2023
2024/1/8 - Spam Activity for 1 September 2023 thru 30 November 2023
2023/11/06 - Malware-Activity for 1 July thru 30 September 2023
2023/10/16 - Spam Activity for 1 June 2023 thru 31 August 2023
2023/8/31 - Phishing Activity for 1 May 2023 thru 31 July 2023
2023/8/9 - 2023 Phishing Landscape Study
2023/7/16 - Malware Activity for 1 April 2023 thru 30 June 2023
2023/5/16 - Phishing Activity for 1 February 2023 thru 30 April 2023
2023/4/26 - Malware Activity for 1 January 2023 thru 31 March 2023
2023/3/14 - Interisle Consulting Group releases Malware Landscape Study 2022
2023/2/28 - Phishing Activity for 1 November 2022 thru 31 January 2023
2023/2/10 - Malware Activity for 1 October 2022 thru 31 December 2022
2022/9/12 - Phishing Activity for 1 August 2022 thru 31 October 2022
2022/11/9 - Malware Activity for 1 July 2022 thru 30 September 2022
2022/9/12 - Phishing Activity for 1 May 2022 thru 31 July 2022
2022/09/10 - Combined SURBL List added to threat intelligence.
2022/7/20 - Interisle Consulting Group releases Phishing Landscape Study 2022
2022/6/05 - Phishing Activity for 1 February 2022 thru 30 April 2021
2022/5/2 - Interisle Consulting Group releases Malware Landscape Study 2022
2022/5/2 - Malware Activity for 1 January 2022 thru 31 March 2022
2022/4/2 - InvaluementURI domain DNSBL added to threat intelligence.
2022/3/8 - Malware Activity for 1 October 2021 thru 31 December 2021
2022/2/22 - Phishing Activity for 1 November 2021 thru 31 January 2022
2022/1/25 - Malware Activity for 1 July 2021 thru 30 September 2021
2021/12/01 - Malware Activity for 1 April 2021 thru 30 June 2021
2021/12/01 - Malware Activity for 1 January 2021 thru 31 March 2021
2021/12/01 - Phishing Activity for 1 August 2021 thru 31 October 2021
2021/11/01 - Phishing Activity for 1 May 2021 thru 31 July 2021
2021/09/27 - Annual Summary of Phishing Activity 1 May 2020 thru 31 April 2021
2021/09/27 - Phishing Activity for 1 February 2021 thru 30 April 2021 added
2021/08/05 - Phishing Activity for 1 November 2020 thru 31 January 2021
2021/04/30 - Phishing Activity for 1 August 2020 thru 31 October 2020 added
2021/02/01 - MalwareURL URLBL data added to threat intelligence
2021/01/22 - URLhaus Malware URL Exchange added to threat intelligence
2021/01/03 - Malware Patrol added to threat intelligence
CIC Blog
2024/07/18 - Malware Trends, April - June 2024
2024/06/24 - Spam Trends, March - May 2024
2023/11/06 - Malware Trends, January - March 2024
2023/05/16 - Phishing Trends, November - January 2024
2024/01/23 - Spam Trends, September - November 2023
2023/11/06 - Malware Trends, July 2023 - September 2023
2023/10/16 - Spam Trends, June 2023 - August 2023
2023/07/16 - Malware Trends, April - June 2023
2023/05/16 - Phishing Trends, February - April 2023
2024/05/16 - Malware Trends, January - March 2023
2023/04/02 - Case study: collateral damage from Freenom phishing attacks
2023/03/18 - Phishing Trends, November - January 2023
2023/01/15 - Malware Trends, October - December 2022
2022/11/14 - Phishing Trends, August - October 2022
2022/09/12 - Malware Trends, July - September 2022
2022/09/13 - Phishing Trends, May - July 2022
2022/09/12 - Malware Trends, April - June 2022
2022/09/12 - Expanded Malware Reporting ath the Cybercrime Information Center
2022/05/24 - Where do criminals shop for phishing domains?
2022/05/04 - Malware Trends, January - March 2022
2022/03/16 - What Top-level Domains attract phishers?
2022/02/24 - Improvements to the Cybercrime Information Center
2022/01/25 - How to generate custom statistics from CIC TLD data
The Cybercrime Information Center is a repository for studies, measurements, data sets, statistics, and analyses of global security threats involving the Internet’s unique identifier systems: the Domain Name System (DNS), and the Internet’s numbering systems (Internet Protocol, IP, Autonomous System, AS).
Our Mission
Identify and expose domain name system (DNS) and Internet addressing systems abuse and the contexts in which it occurs—particularly those in which criminal abuse is highly concentrated. The Center's data repository will enable cyber investigators and researchers to:
discover where criminals obtain the resources they need to pursue their attacks;
identify and observe concentrations of criminal activity;
measure, quantify, and rank resource providers—registries, registrars, and resellers;
measure, quantify, and rank service providers—ISPs, operators of web, DNS, and mail hosting services, and cloud services;
observe and analyze criminal behavior over time; and
identify and codify indicators that lead to the discovery of new abusive domains, such as by using pivot points (behavioral analytics, available registration information),
We collect threat intelligence data, process these, and report what we find and learn.By publishing measurements, we make known the organizations that, wittingly or not, facilitate cybercriminal activity, as defined in the Council of Europe’s Convention on Cybercrime. The Center updates its data repository at least daily for those threats we have measured so that our studies can be repeated periodically and so that broader longitudinal analyses can be conducted in the future. We provide scientifically reliable data that governments, researchers, businesses, and others can use to evaluate the policies and practices that (intentionally or unintentionally) attract, encourage, or facilitate criminal activity.
The Center’s studies adhere to a scientific rigor: we describe our methodology and identify our origin data, which is commercially or publicly available. We publish measurements and our summary data so that others can attempt to produce same or similar results by repeating our analyses. Our findings are our own and not influenced or filtered by our sponsors or by policy, industry, or trade communities.
We seek to catalyze systemic change
Project data will enable Internet researchers to identify and study the systemic failures or shortcomings that created the opportunity for online crime to flourish. Researchers and policy-makers can then consider ways to improve the Internet systems that have been exploited for unintended and criminal purposes.