Privacy Policy

The Anti-Phishing Working Group (APWG) is committed to protecting the privacy of its visitors and members. We consider your privacy to be of the utmost importance; accordingly, we keep the data we collect from you to a minimum, and use it only to provide you with the services we offer.

If you would like to know more about the APWG and what we do, please visit our home page. If you want to report a phishing case, please follow the instructions for submitting phishing email at https://apwg.org/reportphishing/.

This privacy policy applies to both non-member visitors to our website and visitors who are affiliated with member organizations. If you have any questions or concerns about this policy, please send us an email at admin@apwg.org.

All Visitors

Data Collection

When you visit our website, your web browser automatically sends information (such as your IP address and the type of web browser you are using) to our web server. We keep this information in our logs and use it to send you the web page you are trying to access, as well as for research purposes and the administration of our web server. We do not use this information to personally identify you.

We also use Google Analytics to generate statistics about visitor activity on our website. The following privacy statement from the Google Analytics Terms of Service applies only to information collected for use by Google Analytics:

“This website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above.”

Data Sharing

We will only share information we collect about your use of our website with third parties in a limited number of circumstances:

With Google Analytics as described above
With researchers for research purposes
When required to do so by law
In the event that we need to investigate abuse of our website.

We will not share this information in any other circumstances. Please refer to the Google Analytics Privacy Statement for information about the circumstances under which Google may share information collected about your usage of our site with third parties.

Data Access

If you are a visitor, we do not use any of the information we collect about your visit to our website to personally identify you, and thus we cannot provide you access to any data generated from your visits to our website.

Member Visitors
(applies to our main site as well as member only sites)

Data Collection

When you apply for membership in the APWG, we collect some personal information from you, such as your name, phone number, and email address. We also collect information about the organization you belong to, such as the name of the organization, URL, and postal address. This information is collected in order to provide you with the services we offer to members, and is retained indefinitely unless you cancel your membership and explicitly ask for the deletion of your data and your organization’s data.

If you wish to grant membership access to additional employees from your organization, we will also collect some personal information about them, such as their names and email addresses. We use this information to manage APWG memberships. We will retain this information indefinitely unless you ask us to remove it; you may do so by contacting us at membership@antiphishing.org.

If you use our member sites, on your first visit we will ask you for some personal information, such as your full name and email, and you will be issued a username and a password. In subsequent visits to our website, you will have to log in with your username and password. The email address you provide when you create your member account will be used only for password recovery and to send you system notices.

Data Sharing

We will only share information about you or your organization with third parties as required by law, for research purposes, or if you give us your explicit consent to do so.

Given that our primary mission is to combat phishing-related identity theft and fraud, we may from time to time be contacted by other organizations with relevant information. This information might be useful to a member organization currently dealing with a phishing attack or other security breach. In this case, we will neither confirm nor deny your membership in the APWG, but instead we will contact you directly and ask your permission to make the appropriate introduction. No introductions will be made without your consent.

Data Access

A member organization’s primary contact person can see and edit the information we have on file for that organization by logging into our members only site, located at https://members.apwg.org. If you are the primary contact for your organization and you wish to have your information removed completely, please contact us at membership@apwg.org. Affiliates of member organizations who have been granted membership access to our site will need to contact their organization’s primary contact person if they wish to have their information removed.

Data Security

The security of your personal information is important to us, and we have implemented reasonable security measures to prevent unauthorized access and misuse of the information we collect from you. If you have reason to believe that your information has been compromised in any way, please contact us at admin@apwg.org