Global Cyber Alliance

06/18/2026

QR codes are everywhere - parking meters, restaurant menus, screens to link devices, and more. Unfortunately, cybercriminals are also using QR codes to collect personal information, login credentials, or payment details, or infect your device.

QR code scams, called quishing or QR phishing, are growing because most users don’t think of the scan as a security decision; they see it as a quick setup step and often approve it without much scrutiny.

A few signs to watch for:

1️⃣ Be careful if a QR code appears in an unexpected package, message, flyer, or email. Look closely if it seems to be printed on a sticker and placed over another code.

2️⃣ Pause to examine the URL that is displayed before clicking and do not click if the web address looks misspelled, shortened, or unrelated to the organization.

3️⃣ Be especially cautious of QR codes that appear in device linking, multi-factor authentication enrollment, or sign-in contexts unless you started the action yourself.

4️⃣ Tread carefully if the page it opens asks for passwords, payment details, or personal information.

The good news: a few seconds of caution can prevent a costly mistake. Remember to Take9 -- take 9 seconds to count before clicking!

Read more: https://globalcyberalliance.org/scan-with-a-plan-protecting-yourself-from-qr-code-scams/

A brief pause before scanning a QR code is part of cyber protection, the everyday habit of protecting yourself online.

06/16/2026

The Internet’s security depends on systems most people never see. Today, we highlight recent progress across three initiatives working to strengthen those foundations:

🔹 MANRS continues to advance routing security through community growth, technical improvements, and new resources that help organizations measure and improve their routing security posture. Today, we launched a fully rebuilt MANRS Observatory.

🔹 One of the Internet’s most persistent challenges is the continued abuse of domain names for phishing, fraud, scams, malware distribution, and other malicious activity. GCA is convening registries, registrars, security experts, and other stakeholders around the development of a Domain Trust Badge. The effort is designed to create a measurable, community-driven framework that encourages stronger anti-abuse practices across the domain ecosystem.

🔹 AIDE continues to provide visibility into malicious activity across the Internet through a global network of honeypots, helping researchers and operators better understand emerging threats. Most recently, the team explored residential proxies, which allow malicious actors to route their activity through legitimate consumer Internet connections, making attacks more difficult to detect and block.

Together, these efforts demonstrate how data, collaboration, and community action can make the Internet more secure, resilient, and trustworthy for everyone.

Much of this work is thanks to generous grants from the Internet Society and Craig Newmark Philanthropies.

Read more about our latest work:
https://globalcyberalliance.org/strengthening-the-internets-foundations-recent-progress-across-manrs-domain-trust-and-aide/

GCA has recently advanced a number of initiatives focused on strengthening critical but often invisible layers of the Internet.

06/10/2026

This is a huge moment for the Common Good Cyber Fund, and as the chair of the Ecosystem Committee we're so excited to see the applications opening soon. Read more about it from the Society Foundation below!

06/08/2026

A new report from HCSS - The Hague Centre for Strategic Studies - reinforces the importance of organizations like the Global Cyber Alliance in the global cybersecurity ecosystem.

The report by Hans Horan, Ron Stoop, and Jan Feldhusen, titled "The Unspoken Guardians of the Internet: Why Non-Profit Cybersecurity Matters for Public Safety and Global Resilience," examines the essential role nonprofit organizations play in strengthening cybersecurity, resilience, and trust across the Internet ecosystem.

GCA is featured prominently throughout as a vital contributor to public-interest cybersecurity efforts and as an example of how nonprofit organizations fill critical gaps that neither governments nor the private sector can address alone.

Read more about it here:

A new report from the Hague Centre for Strategic Studies reinforces the importance of organizations like the Global Cyber Alliance in the global cybersecurity ecosystem. The report, The Unspoken Guardians of the Internet: Why Non-Profit Cybersecurity Matters for Public Safety and Global Resilience,....

06/01/2026

What if domain registries and registrars had a visible way to demonstrate they’re actively fighting domain abuse? We're advancing the work toward a “Domain Trust Badge” — a measurable, community-driven framework designed to encourage better anti-abuse practices across the domain ecosystem.

The initiative builds on years of collaboration through Domain Trust, which now includes 32M+ shared domains and participants from registries, registrars, CERTs, researchers, and cyber responders worldwide.

The Domain Trust Action Working Group focuses the idea of a Domain Trust Badge on industry agreement, actionable standards, and measurable outcomes to reduce , , and infrastructure at scale.

The Domain Trust Badge is still a work in progress. But after seven working group meetings and contributions from across the industry, it is coherent enough to now ask the most important question: what would it actually feel like to apply?

Contact us any time, or find us in person at in Seville, Spain, next week to discuss how you can get involved in shaping this effort.

Domain Trust is building a certification framework to recognize those fighting domain abuse: a look at the Domain Trust Badge.

06/01/2026

In case you missed the interesting discussions and activities at , we've embedded our presentations into this article so you can catch up:

As part of our continued work to strengthen Internet Integrity, GCA will host discussions and presentations during RIPE 92 in Edinburgh.

05/27/2026

GCA's Andrei Robachevsky recently joined Dr. Dave Chatterjee, Ph.D. on the Cybersecurity Readiness Podcast to discuss why routing security is a critical business and governance issue for organizations of all sizes.

The conversation highlighted how Internet routing failures can silently reroute traffic across the globe without triggering traditional enterprise security alerts, and how efforts like MANRS (Mutually Agreed Norms for Routing Security) can strengthen Internet resilience and reduce exposure to routing-related threats.

On the Cybersecurity Readiness Podcast to discuss why routing security is a critical business and governance issue for all organizations.

05/14/2026

We'll be onsite at next week in Edinburgh, Scotland. ⁠
⁠
We have four sessions reflecting the importance of collective action across the Internet community, from established topics like routing security to emerging concerns such as the growing abuse of network infrastructure. We look forward to collaborating with partners and stakeholders to advance practical, measurable improvements to Internet security.⁠
⁠
RIPE meetings are where we often meet many of our key stakeholders in person and present our latest developments. If you’ll also be in Edinburgh next week, please reach out to us to discuss any of these topics, or anything else! ⁠

Read all about it here:

As part of our continued work to strengthen Internet Integrity, GCA will host discussions and presentations during RIPE 92 in Edinburgh.

05/04/2026

This week, we celebrate both National Small Business Week (US) and World Password Day. We mark this intersection with a reminder that small businesses are the backbone of the global economy, and they’re increasingly targeted by cybercriminals.

That’s why protecting small businesses’ cybersecurity is essential to protecting our global digital world.

Our latest article outlines practical, accessible steps any small business can take right now to reduce risk and strengthen resilience — from better password practices to simple security tools. Our key advice in this article is taken from the GCA Cybersecurity Toolkit for Small Business:

✔️ Strengthen passwords and enable multi-factor authentication (MFA).
✔️ Protect email systems.
✔️ Keep software updated.
✔️ Back up critical data.
✔️ Limit access.
✔️ Create a response plan.

If we want a safer, more resilient digital economy, we have to start with the organizations that power it.

Read more: https://globalcyberalliance.org/small-businesses-big-risks-cybersecurity-starts-here/

For US National Small Business Week and World Password Day, GCA recognizes that small businesses are on the front lines of cybersecurity.

04/21/2026

We're proud to be part of this 12-country, 17-organisation, multidisciplinary OSPREY Consortium. Over the next 36 months, we'll address the escalating risks faced by public-facing professionals, who are increasingly targeted by online abuse, intimidation, threats, and coordinated disinformation campaigns.

As digital threats continue to impact democratic institutions and public trust, cross-sector partnerships like this are essential. OSPREY aims to deliver both technical and practical solutions that strengthen safety, resilience, and trust in the digital public square.

A strong example of how global collaboration can turn shared challenges into actionable progress.

https://globalcyberalliance.org/introducing-osprey-consortium/

OSPREY addresses risks faced by public-facing professionals, often targeted by online abuse, intimidation, threats, and disinformation.