The impact of the Messaging, Malware, and Mobile Anti-Abuse Working Group (M3AAWG) 63rd General Meeting, which took place last month in Lisbon, Portugal, will be felt for years to come. With a robust programming schedule of sessions, events, and workgroups, M3AAWG63 brought together many of the world’s top experts, and now is the time to act on the ideas presented by our members and guest speakers.
As this summary illustrates, there are plenty of opportunities to expand this meeting’s lasting influence on a safer digital environment:
Chairperson Opening and Mary Litynski Award
Sara Roper, Chairperson of our Board of Directors, opened the meeting by discussing the importance of M3AAWG Initiatives in her powerful opening address. Her talk was followed by the celebration of Kevin A. McGrail (KAM) for his selfless contributions, which earned him the Mary Litynski Award, M3AAWG’s lifetime achievement award for an immense career devoted to safeguarding millions of people worldwide.
The Global State of Scams
Jorij Abraham delivered our keynote address in Lisbon, focusing on the evolving landscape of online scams. As the Managing Director of the Global Anti-Scam Alliance (GASA), Abraham provided an in-depth look at the worldwide state of scams, revealing alarming statistics that highlight the severity of the problem and the price of inaction.
“By offering practical guidance on how we can better fight scams while illustrating the extent of the damage these scams inflict on the economy, Jorij inspired our attendees to take action against this growing threat, making his keynote address worth its weight in gold,” said Amy Cadagin, M3AAWG Executive Director.
Ford Merrill Highlights Drama of Smishing Gang
Ford Merrill, the Senior Director of Research and Innovation at SecAlliance (a CSIS Security Group company), discussed the evolving tactics of a Chinese-language smishing group, igniting one of the most jaw-dropping discussions of the meeting. His presentation, titled “Deep Dive Into a Massive Chinese Smishing Syndicate,” was also referenced in the highly influential Krebs on Security blog, further highlighting Merrill’s world-class expertise and the dire need to fight back.
Three More Sessions That Left Attendees Buzzing
How Supply Chain Attacks Can Impact Your Business: Supply chain attacks and threats have become increasingly difficult to identify as attackers discover more malicious ways to insert and distribute harmful code, often rendering it invisible to the expert eye. This session took a closer look at the xz-utils backdoor attack, demonstrating how the attacker distributed the malicious code. Presented by Carmen Piciorus, the talk also offered solutions for quickly identifying vulnerabilities and impacted applications.
Social Media Emerging Threats: Powered by inexpensive labor and AI, the number of scams on the web is exploding. Prefaced with the psychology of scams in general, this presentation, from Matthew Schneider, reviewed scams targeting individuals, businesses, and social media, covering how current AI detection methods are insufficient and will require cooperation between multiple organizations to address the issue.
Large Scale Private Text Generation and Information Retrieval with Large Language Models: This talk examined the practical implementation of Large Language Models (LLMs) in email filtering and how LLMs can complement traditional filtering methods. It was presented by Pradipta Deb and Senaid Popovic and also covered advanced features such as content categorization, password extraction from archives, and message anonymization for privacy-preserving learning.
Final Takeaways and Getting Involved
The hands-on learning and relationship-building that took place in Lisbon during our Working Sessions, Open Round Tables (ORTs), Lightning Talks, and countless discussion opportunities help advance a safer digital environment for us all.
If your company is not already a M3AAWG member, we encourage you to join M3AAWG so your company may take full advantage of the education and networking opportunities that are provided to members. You can also learn more by viewing our upcoming meetings, review our published documents showcasing M3AAWG member work, and submitting future meeting topics.
Existing members are encouraged to get involved through Initiatives,Committee/SIG calls, and joining upcoming general meetings.
All readers are encouraged to share M3AAWG’s work (e.g., published documents, blogs) with their networks to help deepen the impact in the fight against online abuse.