Phishing & BotNets Mailing List - Charter V1.0

phishing is a lightly moderated mailing list for the discussion of identification and behavior of Phishing networks and their specific scams as well as Bot networks and their particular attacks. Topics are expected to include such items as reports of new phish targets, domains or URLs, techniques and countermeasures in phishing or botnets, texts of actual scams, bot networks statistics, etc.

The goal is to help secure the common user from phishing scams and bot threats. This list is meant as an aid to network and systems administrators and security professionals as well as casual users who are interested in the latest developments in phishing and botnets. This is currently a topic which receives little public discussion and should be brought into a more public setting.

Background
The list is moderated by Nick Bilogorskiy (<mailto:nick@avresearch.net>) who is a malicious code researcher at a well-known security appliance vendor and member of the AntiPhishing Working Group (APWG).

What is appropriate content?

Any information pertaining to phishing or bot networks is acceptable, for instance:

· Specific news stories or experiences about new phishing, pharming or botnets threats and techniques.

· Technical discussions about specific areas of phishing and bot networks.

· Whitepapers that deal with phishing and botnets or closely related topics maybe posted, as long as they do not require registration.

What is inappropriate content?

· Source code or executable samples of bots or phishing scams, please send such information to INCIDENTS mailing list.

· Product placement, advertising, self-promotion or marketing (short email signatures are acceptable).

· Flame wars and generally unpolite conduct.

· Ethical, moral or political discussions. It's a technical list for professionals.

Guidelines for Posting

· All postings must be in English and plain-text, No HTML !

· Everyone has an equal voice and all posts will be approved as long as they post within the bounds of this charter.

Guidelines for Moderating
The moderator has sole and full discretion over what is appropriate content and what is not. We reserve the right to reject any message however in general all posts will be approved as long as they post within the bounds of this charter.

Conflict Resolution
From time to time people may feel that a post was either approved that shouldn't have been or a post was not approved that should have been. The appropriate way to deal with all moderation and list management issues is to:

1. Refer to this charter.
2. If you still feel a mistake has been made then you should mail the moderator (<mailto:nick@avresearch.net>) offline, explain your concerns and discuss the issue.
3. If you still a mistake has been made you should send the offline email discussion thread with the moderator along with your reasons why you feel this is not appropriate to Dave Ahmad (da@securityfocus.com) and copy the moderator.

If you are ever unsure if you should post or feel there is a justified reason why you are posting outside of the charters scope, you can mail the moderator for advice prior to posting.

List Management

How do I subscribe?
Send an e-mail message to phishing-subscribe@securityfocus.com. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer.

How do I unsubscribe?
Send an e-mail message to phishing-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer.

If your email address has changed email listadmin@securityfocus.com and ask to be manually removed.

How do I disable mail delivery temporarily?
Unsubscribe from the list and resubscribe to start receiving mailing list traffic again.

Is the list available in a digest format?
Yes.

How do I subscribe to the digest?
Send an e-mail message to phishing-digest-subscribe@securityfocus.com. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer.

How do I unsubscribe from the digest?
Send an e-mail message to phishing-digest-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer.

I seem to not be able to unsubscribe. What is going on?
You are probably subscribed from a different address than that from which you are sending commands to the list from. Either send an email from the appropriate address or email listadmin@securityfocus.com to be unsubscribed manually.

Can you add a tag like "[phishing]" to the subject line of each message? Not at this time. How can I tell whether I am subscribed to the list?
Send an e-mail message to phishing-query@securityfocus.com. If you want to test whether you are subscribed to the digest send an e-mail message to phishing-digest-query@securityfocus.com.


Privacy Statement
Copyright 2006, SecurityFocus