打击网络欺诈:一种系统防御方法
W H I T EP A P E RD E C E M B E R2 0 2 5 Images:Unsplash + Contents Foreword3 Executive summary4 Introduction5 2 A systemic defence approach11 Conclusion21 Appendix: Glossary22 Contributors24 Endnotes28 Disclaimer This document is published by theWorld Economic Forum as a contributionto a project, insight area or interaction.The findings, interpretations andconclusions expressed herein are a resultof a collaborative process facilitated andendorsed by the World Economic Forumbut whose results do not necessarilyrepresent the views of the World EconomicForum, nor the entirety of its Members,Partners or other stakeholders. ©2025 World Economic Forum. All rightsreserved. No part of this publication maybe reproduced or transmitted in any formor by any means, including photocopyingand recording, or by any informationstorage and retrieval system. Foreword Akshay JoshiHead, Centre forCybersecurity; Member ofthe Executive Committee,World Economic Forum Philip ReinerChief Executive Officer andCo-Founder, Institute forSecurity and Technology (IST) Three decades after the internet became publiclyavailable, digital connectivity has become as vitalto societies as physical infrastructure – enablingeconomic growth, social inclusion and innovationon a global scale. Originally designed to fosteropenness and collaboration among researchers,the internet’s architecture was not built with thesafeguards needed for today’s scale and complexity.This gap has created a digital environment that,while enabling unprecedented opportunity andgrowth, also exposes individuals and organizationsto increasingly sophisticated threats such as fraudsand scams – underscoring the need for systemicresilience and collective action. There is no single blueprint for addressing sucha complex challenge, but there is growing globalconsensus on the urgency to act. This white papercontributes to that effort by presenting key insightsand outlining targeted opportunities for systemicsolutions. Its aim is not to attribute fault, but totranslate this shared urgency into coordinatedaction – mobilizing governments, industry leadersand civil society to strengthen the collectivecapacity to prevent, protect against and mitigatecyber-enabled fraud across the digital ecosystem. Those who build and operate digital infrastructureshare a responsibility to protect the public good.Just like the physical foundations of modernlife, digital infrastructure must be designed andmaintained to serve society safely and sustainably.Meeting this challenge requires collective, forward-leaning action to complement existing approachesaimed at strengthening the digital environmentto prevent abuse and protect the people andcommunities who rely on it every day. This whitepaper serves as a call to action: now is the timeto join forces across sectors and borders to builda digital ecosystem that is secure by design andresilient by default. Recognizing the need to rebalance responsibilityfor cybersecurity, the World Economic Forum’sPartnership against Cybercrime – together withthe Institute for Security and Technology (IST) – ledtheAdvancing Systemic Defenceworking groupto fight phishing and cyber-enabled fraud. Buildingon the Partnership’s progress in fostering public–private operational collaboration, this effort seeks toadvance shared responsibility throughout the digitalecosystem by stimulating coordinated action andrequired policy reforms by the key stakeholders. Executive summary The accelerating scale and impactof phishing and cyber-enabledfraud call for systemic action. Phishingandcyber-enabled fraudare a growingglobal threat to users, consumers, organizationsand countries. The World Economic Forum’sPartnership against Cybercrime, in collaborationwith the Institute for Security and Technology(IST), developed a systemic defence framework toaddress this issue. users from phishing and cyber-enabled fraud.Governments can accelerate adoption andimpact through national coordination hubs,enabling regulation and targeted incentives thatraise the baseline of digital safety. 3.Mitigation:Enabling rapid, collective response This approach explores how a multistakeholdermodel can shift responsibility upstream,empowering those best positioned to act at scaleand prevent harm from taking root in the first place.These efforts sit in the space between publicawareness initiatives – which aim to educate usersabout online risks – and law enforcement disruptioncampaigns that target criminal networks once harmhas occurred. Even with prevention and protection inplace, timely detection and response remainessential. This paper calls for ecosystem-wide signal sharing – the exchange of verified,privacy-preserving indicators of abuse – andfor incentives that promote effective actionby relevant stakeholders. AI-assisted threatdetection can enhance collaboration and enableresponse at the speed and scale required tocontain sophisticated criminal infrastructures. This paper calls on stakehol
