Fighting Cyber-Enabled Fraud 2025

24. ICANN. (n.d.). Advisory: Compliance with DNS abuse obligations in the Registrar Accreditation Agreement and the Registry Agreement. Retrieved October 27, 2025, from https://www.icann.org/en/contracted-parties/advisories/ documents/advisory-compliance-with-dns-abuse-obligations-in-the-registrar-accreditation-agreement-and-the-registry- agreement-05-02-2024-en 25. Ibid. 26. ICANN. (2025, June 10). Insights and clarifications on the INFERMAL study. https://www.icann.org/en/system/files/files/ insights-clarifications-infermal-study-10jun25-en.pdf 27. NetBeacon Institute. (2025, May). White paper: Proposal for PDPs on DNS abuse. https://netbeacon.org/wp-content/ uploads/2025/05/2025-05-NetBeacon-PDP-Whitepaper-Final.pdf 28. Cloudflare (n.d.). What is domain hijacking? Retrieved October 27, 2025, from https://www.cloudflare.com/en-gb/ learning/dns/what-is-domain-hijacking/ 29. Subramani, K., Perdisci, R., & Skafidas, P . (2023, November 13). Measuring CDNs susceptible to domain fronting. arXiv. https://arxiv.org/pdf/2310.17851 30. Alcantara, J. M. (2024, May 23). Phishing with Cloudflare workers: Transparent phishing and HTML smuggling. Netskope. https://www.netskope.com/blog/phishing-with-cloudflare-workers-transparent-phishing-and-html-smuggling 31. Fortra. (2024, December 2). Cloudflare’s pages.dev and workers.dev domains increasingly abused for phishing. https://www.fortra.com/blog/cloudflare-pages-workers-domains-increasingly-abused-for-phishing 32. US Federal Bureau of Investigation. (2025, May 29). Infrastructure used to manage domains related to cryptocurrency investment fraud scams between October 2023 and April 2025. https://www.ic3.gov/CSA/2025/250529.pdf 33. US Department of the Treasury. (2025, May 29). Treasury takes action against major cyber scam facilitator [press release]. https://home.treasury.gov/news/press-releases/sb0149 34. US Federal Bureau of Investigation. (2025, May 29). Infrastructure used to manage domains related to cryptocurrency investment fraud scams between October 2023 and April 2025. https://www.ic3.gov/CSA/2025/250529.pdf 35. Rice, S. (2025, April 29). UK bans SIM farms to tackle telecoms crime and cyber fraud. Cyber Magazine. https://cybermagazine.com/network-security/uk-bans-sim-farms-as-vodafone-blocks-73-5m-scam-texts 36. Meyers, A. (2025, February 27). CrowdStrike 2025 global threat report: Beware the enterprising adversary. CrowdStrike Blog. https://www.crowdstrike.com/en-us/blog/crowdstrike-2025-global-threat-report-findings/ 37. Keepnet. (2024). The 2024 voice phishing (vishing) response report. https://keepnetlabs.com/reports/2024-voice- phishing-response-report 38. Guo, S. (2025, July 8). RCS messaging loophole exposes global users to smishing attacks. https://btw.media/all/internet- governance/rcs-messaging-loophole-exposes-global-users-to-smishing-attacks/ 39. Walsh, P . (2025, February 2025). Why SMS phishing is out of control – and the only real solution that can stop it. https:// paul-walsh.medium.com/why-sms-phishing-is-out-of-control-and-the-only-real-solution-that-can-stop-it-47456116220c 40. The systemic approach presented in this white paper aligns with the broader framework against fraud that will be detailed in the forthcoming UNODC Public-Private Partnership Toolkit Against Organized Fraud (to be released in 2026). 41. DNS Research Federation. (n.d.). 500k domain names. Retrieved October 27, 2025, from https://dnsrf.org/research/ safest-tld-league-/safest-tlds---all-tables/tld--500k/index.html 42. ICANN. (2012, February 25). SSAC comment on the orphan glue records in the draft applicant guidebook. https://www.icann.org/groups/ssac/documents/sac-048-en 43. ICANN. (2024). 2024 global amendments to the 2013 Registrar Accreditation Agreement (RAA) and Base gTLD Registry Agreement (Base RA). https://www.icann.org/resources/pages/global-amendment-2024-en 44. ICANN. Advisory: Compliance with DNS abuse obligations in the Registrar Accreditation Agreement and the Registry Agreement. https://www.icann.org/en/contracted-parties/advisories/documents/advisory-compliance-with-dns-abuse- obligations-in-the-registrar-accreditation-agreement-and-the-registry-agreement-05-02-2024-en 45. ICANN. (n.d.). All you need to know about ICANN Domain Metrica. Retrieved 2025, October 27, from https://www.icann. org/en/system/files/files/domain-metrica-brochure-20may25-en.pdf 46. ICANN. (n.d.). Welcome to the INFERMAL Project. Retrieved 2025, October 27, from https://www.icann.org/resources/ pages/inferential-analysis-maliciously-registered-domains-infermal-2024-12-03-en 47. ICANN. (2025, July 31). DNS abuse small team report to GNSO Council. https://gnso.icann.org/sites/default/files/ policy/2025/draft/dns-abuse-small-team-report-04aug25-en.pdf 48. ICANN. (2025, June 16). GAC advice. https://gac.icann.org/advice/itemized/202506-16-policy-development-related-to- dns-abuse 49. NetBeacon Institute. (2022, December 6). Best Practice: Anti-fraud tools and registration flows for registrars. https://netbeacon.org/best-practice-anti-fraud-tools-and-registration-flows-for-registrars/ 50. ICANN. (2025, June 10). Insights and clarifications on the INFERMAL study. https://www.icann.org/en/system/files/files/ insights-clarifications-infermal-study-10jun25-en.pdf Fighting Cyber-Enabled Fraud: A Systemic Defence Approach 29