Welcome to the Cybercrime
Information Center

Cybercrime record keeping for the Internet

Latest News

2024/3/20 - Phishing Activity for 1 November 2023 thru 31 January 2024

2024/3/12 - Spam Activity for 1 December 2023 thru 29 February 2024

2024/2/16 - Malware-Activity for 1 October thru 31 December 2023

2024/1/7 - Phishing Activity for 1 August 2023 thru 31 October 2023

2024/1/8 - Spam Activity for 1 September 2023 thru 30 November 2023

2023/11/06 - Malware-Activity for 1 July thru 30 September 2023

2023/10/16 - Spam Activity for 1 June 2023 thru 31 August 2023

2023/8/31 - Phishing Activity for 1 May 2023 thru 31 July 2023

2023/8/9 - 2023 Phishing Landscape Study

2023/7/16 - Malware Activity for 1 April 2023 thru 30 June 2023

2023/5/16 - Phishing Activity for 1 February 2023 thru 30 April 2023

2023/4/26 - Malware Activity for 1 January 2023 thru 31 March 2023

2023/3/14 - Interisle Consulting Group releases Malware Landscape Study 2022

2023/2/28 - Phishing Activity for 1 November 2022 thru 31 January 2023

2023/2/10 - Malware Activity for 1 October 2022 thru 31 December 2022

2022/9/12 - Phishing Activity for 1 August 2022 thru 31 October 2022

2022/11/9 - Malware Activity for 1 July 2022 thru 30 September 2022

2022/9/12 - Phishing Activity for 1 May 2022 thru 31 July 2022

2022/09/10 - Combined SURBL List added to threat intelligence.

2022/7/20 - Interisle Consulting Group releases Phishing Landscape Study 2022

2022/6/05 - Phishing Activity for 1 February 2022 thru 30 April 2021

2022/5/2 - Interisle Consulting Group releases Malware Landscape Study 2022

2022/5/2 - Malware Activity for 1 January 2022 thru 31 March 2022

2022/4/2 - InvaluementURI domain DNSBL added to threat intelligence.

2022/3/8 - Malware Activity for 1 October 2021 thru 31 December 2021

2022/2/22 - Phishing Activity for 1 November 2021 thru 31 January 2022

2022/1/25 - Malware Activity for 1 July 2021 thru 30 September 2021

2021/12/01 - Malware Activity for 1 April 2021 thru 30 June 2021

2021/12/01 - Malware Activity for 1 January 2021 thru 31 March 2021

2021/12/01 - Phishing Activity for 1 August 2021 thru 31 October 2021

2021/11/01 - Phishing Activity for 1 May 2021 thru 31 July 2021

2021/09/27 - Annual Summary of Phishing Activity 1 May 2020 thru 31 April 2021

2021/09/27 - Phishing Activity for 1 February 2021 thru 30 April 2021 added

2021/08/05 - Phishing Activity for 1 November 2020 thru 31 January 2021

2021/04/30 - Phishing Activity for 1 August 2020 thru 31 October 2020 added

2021/02/01 - MalwareURL URLBL data added to threat intelligence

2021/01/22 - URLhaus Malware URL Exchange added to threat intelligence

2021/01/03 - Malware Patrol added to threat intelligence

CIC Blog

The Cybercrime Information Center is a repository for studies, measurements, data sets, statistics, and analyses of global security threats involving the Internet’s unique identifier systems: the Domain Name System (DNS), and the Internet’s numbering systems (Internet Protocol, IP, Autonomous System, AS).

Our Mission

Identify and expose domain name system (DNS) and Internet addressing systems abuse and the contexts in which it occurs—particularly those in which criminal abuse is highly concentrated. The Center's data repository will enable cyber investigators and researchers to:

  • discover where criminals obtain the resources they need to pursue their attacks;

  • identify and observe concentrations of criminal activity;

  • measure, quantify, and rank resource providers—registries, registrars, and resellers;

  • measure, quantify, and rank service providers—ISPs, operators of web, DNS, and mail hosting services, and cloud services;

  • observe and analyze criminal behavior over time; and

  • identify and codify indicators that lead to the discovery of new abusive domains, such as by using pivot points (behavioral analytics, available registration information),

We collect threat intelligence data, process these, and report what we find and learn.By publishing measurements, we make known the organizations that, wittingly or not, facilitate cybercriminal activity, as defined in the Council of Europe’s Convention on Cybercrime. The Center updates its data repository at least daily for those threats we have measured so that our studies can be repeated periodically and so that broader longitudinal analyses can be conducted in the future. We provide scientifically reliable data that governments, researchers, businesses, and others can use to evaluate the policies and practices that (intentionally or unintentionally) attract, encourage, or facilitate criminal activity.

The Center’s studies adhere to a scientific rigor: we describe our methodology and identify our origin data, which is commercially or publicly available. We publish measurements and our summary data so that others can attempt to produce same or similar results by repeating our analyses. Our findings are our own and not influenced or filtered by our sponsors or by policy, industry, or trade communities.

We seek to catalyze systemic change

Project data will enable Internet researchers to identify and study the systemic failures or shortcomings that created the opportunity for online crime to flourish. Researchers and policy-makers can then consider ways to improve the Internet systems that have been exploited for unintended and criminal purposes.