Public Policy Comments

• Comments by the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) on the DHS “Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) Reporting Requirements”

  M3AAWG has submitted comments to the Department of Homeland Security's (DHS) Proposed Rulemaking on “Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) Reporting Requirements”. M3AAWG recognizes the key role effective cyber incident reporting can have in addressing the impacts of cybersecurity incidents and combating online abuse. Cyber incident reporting can minimize consequences to victims, capture lessons learned, and improve cybersecurity nationwide, thereby increasing the likelihood that perpetrators will be held accountable. However, overly broad cyber incident reporting rules often do not, on balance, yield benefits commensurate with the significant costs those rules impose on both reporting entities and the government.

  We generally support CISA’s efforts to craft a proposed rule that seeks to achieve the intended goals of the CIRCIA mandates. However, M3AAWG urges CISA to consider the following suggestions to clarify or modify its proposed rule, as detailed below. We note that our comments today are focused on certain critical areas of concern to our members and do not represent a comprehensive discussion of all issues covered in the expansive CIRCIA NPRM.

• Comments of the Messaging Malware Mobile Anti-Abuse Working Group (M3AAWG) on NIST AI 600-1, Artificial Intelligence Risk Management Framework: Generative Artificial Intelligence Profile

  M3AAWG has submitted Comments on the NIST AI 600-1, Artificial Intelligence Risk Management Framework: Generative Artificial Intelligence Profile. With the growing importance of AI in society and the challenges of AI-related security and abuse issues, appropriate management of AI risk is becoming ever more pertinent, which is why M3AAWG welcomes the opportunity to submit comments.

  Comments Submission Date: May 29, 2024

• Comments of the Messaging Malware Mobile Anti-Abuse Working Group (M3AAWG) on NIST AI 100-5, A Plan for Global Engagement on AI Standards

  M3AAWG has submitted Comments on NIST AI 100-5, A Plan for Global Engagement on AI Standards. AI is a global phenomenon which impacts various countries and a number of industry sectors at high risk of abuse by cybercriminals and other threat actors. Thus, international and cross-sector engagement and involvement in standard-setting is of paramount importance.

  Comments Submission Date: May 29, 2024

• Comments of the Messaging Malware Mobile Anti-Abuse Working Group (M3AAWG) on NIST AI 100-4, Reducing Risks Posed by Synthetic Content: An Overview of Technical Approaches to Digital Content Transparency

  M3AAWG has submitted Comments on the NIST AI 100-4, Reducing Risks Posed by Synthetic Content: An Overview of Technical Approaches to Digital Content Transparency. Synthetic content is already a concern in areas such as profit-oriented cybercrime, fake news, and election interference. It therefore represents a risk to national security as a whole. M3AAWG welcomes the opportunity to comment on the current version of NIST AI 100-4 from our perspective as security and anti-abuse specialists.

  Comments Submission Date: May 29, 2024

   

• Comments of the Messaging Malware Mobile Anti-Abuse Working Group (M3AAWG) on NIST SP 800-218A, Secure Software Development Practices for Generative AI and Dual-Use Foundation Models

  M3AAWG has submitted Comments on the NIST SP 800-218A, Secure Software Development Practices for Generative AI and Dual-Use Foundation Models. The increasing importance of secure development of software and AI systems carries specific risks associated with the abuse of AI systems and AI tools used in software development. As a group of anti-abuse specialists, M3AAWG thus welcomed the opportunity to comment on the current version of NIST SP 800-218A.

  Comments Submission Date: May 29, 2024

• M3AAWG Comments on the Transposition of NIS2 Directive into EU National Law

  M3AAWG has submitted Comments on the transposition of the Revised Directive on Security of Network and Information Systems (NIS2) into EU national law. 

  Countries Submitted: Sweden, Netherlands
   

• M3AAWG Comments on the Request for Information on Open-Source Software Security: Areas of Long-Term Focus and Prioritization

  The Messaging Malware Mobile Anti-Abuse Working Group (M³AAWG) made recommendations to the Office of the National Cyber Director (ONCD) regarding the security of open-source software (OSS) in comments submitted to that office on Oct. 3rd, 2023 in response to the Request for Information on Open-Source Software Security: Areas of Long-Term Focus and Prioritization. 

  Comments Submitted: October 3, 2023

• M3AAWG Comments on Powers in Relation to UK-Related Domain Name Registries

  M³AAWG recognizes that the scope of the powers described in the proposals is limited to situations where there has been a serious relevant failure in relation to an internet domain registry or any of its registrars in scope country code top-level domains (.uk) and generic top level domains (gTLDs) (.scot / .wales / .cymru / .london) that are targeting the UK. We generally support the powers in order to protect the public from harm in these limited circumstances. View the document to review the full scope of comments submitted.

  Comments Submitted: August 31, 2023

• M3AAWG Comments on ICANN Amendments to the Base gTLD RA and RAA to Modify DNS Abuse Contract Obligations

  M3AAWG welcomes the Contracted Party House’s consideration of long overdue changes to the Base gTLDs Registry Agreement (RA) and the Registrar Accreditation Agreement (RAA) related to the pertinent issue of DNS Abuse. Comments have been submitted for the Amendments to the Base gTLD RA and RAA to Modify DNS Abuse Contract Obligations. In these Comments, M3AAWG urges that these amendments be part of a coordinated effort to address DNS Abuse now and going forward. 

• M3AAWG Comments on the NTIA's Introduction of Accountable Measures Regarding Access to Personal Information of .us Registrants

  M3AAWG has submitted comments on the National Telecommunications and Information Administration's Introduction of Accountable Measures Regarding Access to Personal Information of .us Registrants. In this set of Comments, M3AAWG urges the Agency NOT to implement the potential changes described in this request for comments. Read more for additional insight into M3AAWG's submission.

• M3AAWG Comments on Review of the Computer Misuse Act 1990: consultation and response to call for information (accessible)

  M3AAWG has submitted Comments focused on technical recommendations in response to the UK government's request for Review of the Computer Misuse Act 1990: consultation and response to call for information. These comments provide recommendations supporting efforts to tackle online abuse and cybercrime while respectfully urging the UK government to liaise with key security and anti-abuse groups including M3AAWG and its partner organizations as well as key UK-based and international industry stakeholders.

• M3AAWG Comments on NIST Cybersecurity Framework 2.0 Concept Paper

  The Messaging Malware Mobile Anti-Abuse Working Group (M3AAWG) has submitted comments in response to the National Institute on Standards and Technology (NIST) Cybersecurity Framework 2.0 Concept Paper: Potential Significant Updates to the Cybersecurity Framework (CSF Concept Paper), released on January 19, 2023. As discussed in the Comments, M3AAWG generally supports the proposals outlined in the CSF Concept Paper. However, M3AAWG urges NIST to consider the impact of proposals that could potentially dilute the usefulness of a framework originally developed to focus on critical infrastructure cybersecurity risks and needs.​

• M3AAWG Supports EPDP Phase 2A Policy Recommendations for ICANN
• Recommendations pertaining to findings from the M3AAWG and APWG WHOIS Survey Report presented to ICANN in June, 2021

  As a followup to the June 2021 survey report of cyber investigators and anti-abuse service providers on the ongoing impacts of ICANN’s implementation of the EU GDPR, the Temporary Specification for gTLD Registration Data (Temporary Specification, adopted in May 2018), M3AAWG and the Anti-Phishing Working Group (APWG) has released their recommendations for ICANN'S consideration.

• ICANN Response to M3AAWG and APWG to GDPR WHOIS - User Survey July 2021
• Letter to ICANN on ICANN GDPR User Survey - Three years later

  The M3AAWG letter to ICANN that accompanied the ICANN GDPR WHOIS User Survey compiled jointly by APWG and M3AAWG - Three Years Later.

• ICANN, GDPR, and the WHOIS: A Users Survey - Three Years Later

  M3AAWG and the Anti-Phishing Working Group (APWG) conducted a follow up survey to our 2018 survey of cyber investigators and anti-abuse service providers to determine the ongoing impacts of ICANN’s implementation of the EU GDPR, the Temporary Specification for gTLD Registration Data (Temporary Specification, adopted in May 2018). The report contains our findings and presents some recommendations for consideration.

• Second Security, Stability, and Resiliency (SSR2) Review Team comments 2021

  The Messaging, Malware, and Mobile Anti Abuse Working Group (M3AAWG) welcomes the opportunity to review and submit comments on the final report from ICANN!s Second Securi-ty Stability and Resiliency Review Team (SSR2 RT) to the ICANN Board.  

• M3AAWG Input on NIS2 Directive

  M3AAWG, the Messaging, Malware and Mobile Anti-Abuse Working group, appreciates this opportunity to comment on the Revised Directive on Security of Network and Information Systems (NIS) (https://ec.europa.eu/digital-single-market/en/news/revised-directive-security-network-and-information-systems-nis2). We make these comments in our capacities as cybersecurity professionals and researchers committed to ensuring the security and stability of the internet, including the domain name ecosystem. 

• "Call for comments – Development of a network-level blocking framework to limit botnet traffic and strengthen Canadians ’online safety", Compliance and Enforcement and Telecom Notice of Consultation CRTC 2021-9

  M3AAWG appreciates the invitation to comment on this proceeding.  Paragraph 17 of the call for comments stated: "The Commission seeks input from Internet service subscribers on the first question below, and from all stakeholders on the remaining matters."  

• M3AAWG Comments on the Initial Report of the Temporary Specification for gTLD Registration Data Phase 2 Expedited Policy Development Process

  M3AAWG, the Messaging, Malware and Mobile Anti-Abuse Working Group, appreciates this opportunity to comment on the Initial Report of the Temporary Specification for gTLD Registration Data Phase 2 Expedited Policy Development Process (https://gnso.icann.org/en/issues/epdp-phase-2-initial-07feb20-en.pdf). 

• M3AAWG Response for ICANN Security Stability and Resiliency Review Team (Two)

  The Messaging, Malware, and Mobile Anti Abuse Working Group (M3AAWG) welcomes the opportunity to review the draft report from ICANN’s Security Stability and Resiliency Review Team (Two).

• Comments Pertaining to the Domain Abuse Activity Reporting (DAAR) System

  M3AAWG submitted comments to ICANN on April 5, 2019 asking that additional actionable information be included in the DAAR system.  The comments are listed on the ICANN correspondence website at https://www.icann.org/resources/pages/correspondence.

• Letter to ICANN on ICANN GDPR User Survey

  The M3AAWG letter to ICANN that accompanied the ICANN GDPR WHOIS User Survey compiled jointly by APWG and M3AAWG

• ICANN GDPR and WHOIS Users Survey

  A joint survey conducted by the Anti-Phishing Working Group (APWG) and M3AAWG looks at how cyber investigators use WHOIS data and how the European Union’s General Data Protection Regulation (GDPR) has affected their anti-abuse efforts. The letter from M3AAWG and survey are also available on the ICANN site at https://www.icann.org/en/system/files/correspondence/upton-to-marby-et-a...

• Temporary Access Method for Non-Public Whois Data, and accompanying accreditation policy points

  Submitted jointly by the Anti-Phishing Working Group (APWG), M3aawg and First, this document describes a short-term method for authorized parties to access non-public WHOIS data via designated IP addresses.

• WHOIS Tiered Access and Accreditation Program

  M3AAWG submitted these short comments to ICANN stating that an expert group from the Anti-Abuse community should be created to facilitate the certification of qualified applicants from the security field.

• Comments on The Competition, Consumer Trust and Consumer Choice Review Team–New Sections Draft Report of Recommendations

  M3AAWG provided input on the new sections added to the draft ICANN report.  The comments can also be found on the ICANN site at http://mm.icann.org/pipermail/comments-cct-recs-27nov17/attachments/20180107/9b99c6d2/M3AAWG-ICANN-CCT-NewSections-2018-01-0001.pdf

• Using Generic Top Level Domain Registration Information (WHOIS Data) in Anti-Abuse Operations

  WHOIS information plays a key role in determining where to report instances of abuse involving domain names. This paper explains some of the important WHOIS elements used to fight spam, phishing, malware distribution and other threats.

• Comments on Implementation of CSRIC III Cybersecurity Best Practices

  M3AAWG submitted these comments with the new M3AAWG Bot Metrics Report in response to the U.S, Federal Communications Communications request for comments on the status of the implementation of CSRIC III best practices.

• Additional Responses from Dr. Paul Vixie to the U.S. Senate Hearing on "Taking Down Botnets: Public and Private Efforts to Disrupt and Dismantle Cybercriminal Networks"

  Dr. Vixie's August 4th written response to additional questions requested after the hearing on botnet takedowns is also available from the official U.S. Committee on the Judiciary Committee hearing website at
  www.judiciary.senate.gov/download/vixie-qfrs-71514 .

• Dr. Paul Vixie's Testimony at U.S. Senate Hearing on "Taking Down Botnets: Public and Private Efforts to Disrupt and Dismantle Cybercriminal Networks"

  The extended written statement by Dr. Paul Vixie, author of several IETF DNS standards and Farsight Security, Inc. CEO. He also, augments his testimony starting around 1 hour and 34 minutes in the official hearing video (http://bit.ly/BotnetTakedownHearing2014) from the U.S. Senate Committee on the Judiciary website at http://www.judiciary.senate.gov/meetings/taking-down-botnets_public-and-... . Dr. Vixie testified at the July 15, 2014 hearing at the request of M3AAWG.

• M3AAWG Response to Stakeholder Input on the Role of Governments, ITU-CWG on Internet-related Public Policy Issues

  Submitted to the U.S. State Department in January 2014, responding to its request for Stakeholder Input on the Role of Governments, International Telecommunication Union Council Working Group on Internetprelated Public Policy Issues.

• M3AAWG Comments on the WHOIS Misuse Study

  Submitted to ICANN in response to their misuse survey report.

• M3AAWG Comments on ICANN Misuse Report

  Submitted to ICANN in December 2013 in response to ICANN's misuse survey.

   

• M3AAWG Comments on ICANN EWG Initial Report

  Submitted to ICANN in August 2013 in response to ICANN's Expert Working Group report.

   

• Response to CWG-Internet Request for Online Consultation-Combatting Spam

  Submitted in July 2013 to the ITU Council Working Group on International Internet–Related Public Policy Issues (CWG–Internet) in response to a request for comments on effectively countering and combatting spam.

• M3AAWG Response to CWG-Internet Request for Online Consultation-Combatting Spam

  Submitted to the ITU Council Working Group on International Internet–Related Public Policy Issues (CWG–Internet) in July 2013
  In response to a request for comments on effectively countering and combatting spam.

• M3AAWG Comments on Thick Whois Initial Report

  Submitted to ICANN in July 2013
  Comments on this report can also be viewed on the ICANN site at http://forum.icann.org/lists/comments-thick-whois-initial-21jun13/

• M3AAWG response to NIST Request for Information: Framework for Reducing Cyber Risks to Critical infrastructure

  Submitted to the NIST in April 2013
  Response to two questions in the National Institute of Standards and Technology Request for Information is also posted at the NIST site with comments from other organization

  s.
   

• M3AAWG Comments on CASL Draft Electronic Commerce Protection Regulations

  Submitted to Industry Canada in February 2013 - Letter submitted in response to request for comments on the draft Electronic Commerce Protection Regulations related to CASL.

   

• M3AAWG Comments on Preliminary Issue Report on Uniformity of Contracts to Address Registration Abuse

  Response to staff recommendations in the ICANN report.

• Comments on Preliminary Issue Report on Uniformity of Contracts to Address Registration Abuse

  Submitted to ICANN in September 2012
  View the preliminary report at http://gnso.icann.org/en/issues/registration-abuse/prelim-issue-report-u... or all submitted comments at http://forum.icann.org/lists/uoc-prelim-issue-report/ on the ICANN site.

   

• Comments on Abuse Contact Management in the RIPE Database

  Submitted to RIPE in August 2012
  Response to RIPE’s proposal to introduce a new contact attribute named "abuse-c

  :"
   

• M3AAWG Comments on ICANN WHOIS Policy Review Team Final Report

  Response to the final report from the ICANN WHOIS Policy Review Team

• M3AAWG Comments on WHOIS Policy Review Team Draft Report

  Response to the December 5, 2011 ICANN report from the WHOIS Review Team (WRT).

• MAAWG Comments on Protect IP and SOPA

  Submitted to U.S. Congress committees on the judiciary in December 2011
  MAAWG outlined technical issues with S.968, Preventing Real Online Threats to Economic Creativity and Theft of Intellectual Property Act, and H.R.3261, Stop Online Piracy Act, in a letter to the judiciary committees of the U.S. Senate and U.S. House of Representatives.

   

• MAAWG Comments on the Draft Final Report of the Internationalized Registration Data Working Group

  Submitted to ICANN in November 2011
  Responses to ICANN on issues in the draft report covering the intrnationalization of domains can be read on the draft report comment site at http://forum.icann.org/lists/ird-draft-final-report/

   

• MAAWG Comments on Models to Advance Voluntary Corporate Notification to Consumers Regarding the Illicit Use of Computer Equipment by Botnets and Related Malware

  Submitted to NIST in November 2011- Responding to a Request for Information from the U.S. Department of Commerce (DoC) and U.S. Department of Homeland Security (DHS), the comments are also available on the NIST site.

   

• MAAWG Comments on National Initiative for Cybersecurity Education (NICE) Draft Strategic Plan

  MAAWG submitted comments in September 2011
  The comments were submitted to the National Institute of Standards and Technologyon its draft NICE plan.

• MAAWG Comments on CRTC's Draft Electronic Commerce Protection Regulations

  A response from MAAWG to the Canadian commission were submitted in September 2011.
  Submitted comments on the regulations to the Canadian Radio-television and Telecommunications Commission (CRTC) draft regulations.

• MAAWG Comments to UK House of Commons Inquiry into Malware and Cyber-crime

  MAAWG submitted a response in September 2011 to the Science and Technology Committee, UK House of Commons
  The committee's inquiry covered a variety of questions related to malware and cyber-crime.

• Comments on "Cybersecurity, Innovation and the Internet Economy" issued June 2011

  MAAWG responded to the Department of Commerce (DOC) Internet Policy Task Force's seventy-seven page green paper on "Cybersecurity, Innovation and the Internet Economy."

• MAAWG Comments on ICANN’s Draft FY2012 Budget

  MAAWG members, and our members' customers, like all Internet users, rely daily on Internet names. MAAWG commented on the proposed budget from the perspective of encouraging ICANN to continue to offer a reliable, high performance, cost effective, scalable and trustworthy system of domain names.

• Comments on ICANN WHOIS Review Team

  MAAWG comments were submitted in April 2011 on the ICANN site in response to the ICANN Call for Public Comment
  Responding to the ICANN WHOIS Review Team, MAAWG submitted comments on the useablity, access, accuracy and reliability of WHOIS and on the improvement of WDPRS.

• Comments on UK BIS Consultation on Implementing the Revised EU Electronic Communications Framework

  MAAWG comments were submitted December 2010 in response to the BIS proposal.
  The UK Department for Business Innovation and Skills launched its proposals for implementing the revised EU Electronic Communications Framework. The BIS document set out their preferred approach to implementation and asked questions on a limited number of specific issues.

• MAAWG Response to U.S. Department of Commerce’s Internet Policy Task Force on the Global Free Flow of Information on the Internet

  MAAWG comments were submitted November 2010 in response to the DoC request.
  The U.S. Department of Commerce’s Internet Policy Task Force requested comments on government policies that restrict Internet information flow, seeking to understand why these restrictions have been instituted; what, if any, impact they have, and how to address negative impacts. The DoC will publish a report contributing to the Administration’s domestic policy and international engagement on these issues.

• MAAWG Comments on ICANN FY 11 Update to Plan for Enhancing Internet Security, Stability & Resiliency

  MAAWG comments were submitted November 2010 in response to ICANN’s Plan.
  ICANN requested comments on an update to its initial plan that will be implemented in the 2010-2011 operational year. The updated plan is intended as a baseline document for ICANN and its community for organizing its security, stability and resiliency efforts.

• MAAWG Comments on ICANN Study on the Prevalence of Domain Names Registered Using a Privacy or Proxy Registration Service

  MAAWG comments were submitted October 2010 based on the ICANN request.
  ICANN conducted an exploratory study in 2009 to assess an approximate percentage of domain names (through a statistical sampling plan) contained in the top 5 gTLD registries that used privacy or proxy registration services. The study indicated that at least 18% (and probably not much more than 20%) of the domain names contained in the top 5 gTLD registries used privacy or proxy registration services.

• MAAWG Letter Regarding Canadian Fighting Internet and Wireless Spam Act (FISA)

  The MAAWG letter supporting elements of FISA (see www2.parl.gc.ca/Sites/LOP/LEGISINFO/index.asp?Language=E&list=agenda) was submitted September 2010.
  MAAWG submitted a letter supporting the global sharing of abuse-fighting information between law enforcement that is included in Canadian Bill C-28 establishing the federal Fighting Internet and Wireless Spam Act (“FISA”).

• MAAWG Comments on Department of Commerce Cybersecurity, Innovation and the Internet Economy

  MAAWG comments were submitted to the Department of Commerce’s request in September 2010. The DoC site has all submitted comments.
  The Department of Commerce’s Internet Policy Task Force undertook a comprehensive review of the nexus between cybersecurity challenges in the commercial sector and innovation in the Internet economy. The Department was seeking comments on measures to improve cybersecurity while sustaining innovation.

• MAAWG Comments on National Broadband Plan Recommendation to Create a Cybersecurity Roadmap

  MAAWG comments were submitted in response to U.S. Federal Communications Commission recommendations in September 2010.
  The U.S. FCC’s Public Safety and Homeland Security Bureau (PSHSB) requested comment on the creation of a Cybersecurity Roadmap. The plan would identify vulnerabilities to communications networks or end-users and develop countermeasures and solutions in preparation for, and response to, cyber threats and attacks in coordination with federal partners.

• MAAWG Response to ICANN's Initial Report on Proposals for Improvements to the Registrar Accreditation Agreement (RAA)

  The MAAWG response was submitted July 2010 in response to ICANN’s initial report for RAA improvements.
  The ICANN report describes recommendations on the proposed form of a Registrant Rights and Responsibilities Charter, and describing the potential topics for additional amendments to the RAA. It also includes a proposal for next steps the GNSO Council should consider in determining whether to recommend the ICANN Board adopt a new form RAA.

• MAAWG Response to National Strategy for Trusted Identities in Cyberspace

  MAAWG offered comments on the U.S. Department of Homeland Security’s strategy in July 2010
  The U.S. Department of Homeland Security’s draft plan is focused on maintaining a secure cyberspace, which is critical to the health of the economy and national security. It outlines how the federal government might address the recent and alarming rise in online fraud, identity theft, and misuse of information online.

• MAAWG Comments on ARIN Draft Policy 2010-3 “Customer Confidentiality”

  MAAWG submitted comments in March 2010. As recommended by MAAWG and others, ARIN changed course on this topic.
  The initial draft policy would have allowed ISPs to hide the true customer of a domain name. The revised Version 2 policy that was implemented recognized the need for the customer name to remain in the SWIP and RWHOIS information.

• MAAWG Comments, FCC’s In the Matter of Preserving the Open Internet, GN Docket No. 09-191, WC Docket No. 07-52, Notice of Proposed Rulemaking, FCC 09-93 (Rel. Oct. 22, 2009)

  MAAWG submitted these comments in January 2010 to the U.S. Federal Communications Commission on its open Internet proposal. The FCC requested public input on draft rules to preserve an open Internet. The FCC is seeking to preserve a platform based on a historically open architecture that has been accessible to anyone with a basic knowledge of its protocols.

Malware

• Comments by the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) on the DHS “Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) Reporting Requirements”

  M3AAWG has submitted comments to the Department of Homeland Security's (DHS) Proposed Rulemaking on “Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) Reporting Requirements”. M3AAWG recognizes the key role effective cyber incident reporting can have in addressing the impacts of cybersecurity incidents and combating online abuse. Cyber incident reporting can minimize consequences to victims, capture lessons learned, and improve cybersecurity nationwide, thereby increasing the likelihood that perpetrators will be held accountable. However, overly broad cyber incident reporting rules often do not, on balance, yield benefits commensurate with the significant costs those rules impose on both reporting entities and the government.

  We generally support CISA’s efforts to craft a proposed rule that seeks to achieve the intended goals of the CIRCIA mandates. However, M3AAWG urges CISA to consider the following suggestions to clarify or modify its proposed rule, as detailed below. We note that our comments today are focused on certain critical areas of concern to our members and do not represent a comprehensive discussion of all issues covered in the expansive CIRCIA NPRM.

• Comments of the Messaging Malware Mobile Anti-Abuse Working Group (M3AAWG) on NIST AI 600-1, Artificial Intelligence Risk Management Framework: Generative Artificial Intelligence Profile

  M3AAWG has submitted Comments on the NIST AI 600-1, Artificial Intelligence Risk Management Framework: Generative Artificial Intelligence Profile. With the growing importance of AI in society and the challenges of AI-related security and abuse issues, appropriate management of AI risk is becoming ever more pertinent, which is why M3AAWG welcomes the opportunity to submit comments.

  Comments Submission Date: May 29, 2024

• Comments of the Messaging Malware Mobile Anti-Abuse Working Group (M3AAWG) on NIST AI 100-5, A Plan for Global Engagement on AI Standards

  M3AAWG has submitted Comments on NIST AI 100-5, A Plan for Global Engagement on AI Standards. AI is a global phenomenon which impacts various countries and a number of industry sectors at high risk of abuse by cybercriminals and other threat actors. Thus, international and cross-sector engagement and involvement in standard-setting is of paramount importance.

  Comments Submission Date: May 29, 2024

• Comments of the Messaging Malware Mobile Anti-Abuse Working Group (M3AAWG) on NIST AI 100-4, Reducing Risks Posed by Synthetic Content: An Overview of Technical Approaches to Digital Content Transparency

  M3AAWG has submitted Comments on the NIST AI 100-4, Reducing Risks Posed by Synthetic Content: An Overview of Technical Approaches to Digital Content Transparency. Synthetic content is already a concern in areas such as profit-oriented cybercrime, fake news, and election interference. It therefore represents a risk to national security as a whole. M3AAWG welcomes the opportunity to comment on the current version of NIST AI 100-4 from our perspective as security and anti-abuse specialists.

  Comments Submission Date: May 29, 2024

   

• Comments of the Messaging Malware Mobile Anti-Abuse Working Group (M3AAWG) on NIST SP 800-218A, Secure Software Development Practices for Generative AI and Dual-Use Foundation Models

  M3AAWG has submitted Comments on the NIST SP 800-218A, Secure Software Development Practices for Generative AI and Dual-Use Foundation Models. The increasing importance of secure development of software and AI systems carries specific risks associated with the abuse of AI systems and AI tools used in software development. As a group of anti-abuse specialists, M3AAWG thus welcomed the opportunity to comment on the current version of NIST SP 800-218A.

  Comments Submission Date: May 29, 2024

• M3AAWG Comments on the Transposition of NIS2 Directive into EU National Law

  M3AAWG has submitted Comments on the transposition of the Revised Directive on Security of Network and Information Systems (NIS2) into EU national law. 

  Countries Submitted: Sweden, Netherlands
   

• M3AAWG DNS Abuse Prevention, Remediation, and Mitigation Practices for Registrars and Registries

  This document is intended to provide concrete best practices for preventing or mitigating malicious or compromised domains at the registry or registrar level. A fundamental gap within the DNS community exists for how registries and registrars can best operationally effectuate anti-abuse mechanisms specific to malicious or compromised domains. M3AAWG hopes this document will help inform relevant DNS stakeholders and promote a safer and more secure DNS ecosystem. 

• M3AAWG Comments on the Request for Information on Open-Source Software Security: Areas of Long-Term Focus and Prioritization

  The Messaging Malware Mobile Anti-Abuse Working Group (M³AAWG) made recommendations to the Office of the National Cyber Director (ONCD) regarding the security of open-source software (OSS) in comments submitted to that office on Oct. 3rd, 2023 in response to the Request for Information on Open-Source Software Security: Areas of Long-Term Focus and Prioritization. 

  Comments Submitted: October 3, 2023

• M3AAWG Comments on Powers in Relation to UK-Related Domain Name Registries

  M³AAWG recognizes that the scope of the powers described in the proposals is limited to situations where there has been a serious relevant failure in relation to an internet domain registry or any of its registrars in scope country code top-level domains (.uk) and generic top level domains (gTLDs) (.scot / .wales / .cymru / .london) that are targeting the UK. We generally support the powers in order to protect the public from harm in these limited circumstances. View the document to review the full scope of comments submitted.

  Comments Submitted: August 31, 2023

• M3AAWG Best Common Practices for Managing Port 25 for IP Networks

  This document is an update to our previous "Managing Port 25 for Residential or Dynamic IP Space - Benefits of Adoption and Risks of Inaction" document published in 2005.

  Spammers and other abusers often use viruses and spyware as vehicles to assume control over large numbers of computers. By managing the sending of email from devices on their network, providers can reduce the costs of running their business, increase customer satisfaction, and reduce the level of internet abuse associated with their service.

• M3AAWG Comments on ICANN Amendments to the Base gTLD RA and RAA to Modify DNS Abuse Contract Obligations

  M3AAWG welcomes the Contracted Party House’s consideration of long overdue changes to the Base gTLDs Registry Agreement (RA) and the Registrar Accreditation Agreement (RAA) related to the pertinent issue of DNS Abuse. Comments have been submitted for the Amendments to the Base gTLD RA and RAA to Modify DNS Abuse Contract Obligations. In these Comments, M3AAWG urges that these amendments be part of a coordinated effort to address DNS Abuse now and going forward. 

• M3AAWG Comments on the NTIA's Introduction of Accountable Measures Regarding Access to Personal Information of .us Registrants

  M3AAWG has submitted comments on the National Telecommunications and Information Administration's Introduction of Accountable Measures Regarding Access to Personal Information of .us Registrants. In this set of Comments, M3AAWG urges the Agency NOT to implement the potential changes described in this request for comments. Read more for additional insight into M3AAWG's submission.

• M3AAWG Present and Future of the Public Suffix List

  This document describes the PSL, explains its current strengths and limitations, and outlines some possible future enhancements. Most importantly, though, the community must step up and help to make sure it continues to exist. 

• M3AAWG Ransomware Active Attack Response Best Common Practices

  This document addresses the options available if you realize that you are a victim of a Ransomware attack. It explains how to consider risks and alternatives in resolving the recovery and supporting continuity for your business, and how to tackle those issues. 

• M3AAWG Comments on Review of the Computer Misuse Act 1990: consultation and response to call for information (accessible)

  M3AAWG has submitted Comments focused on technical recommendations in response to the UK government's request for Review of the Computer Misuse Act 1990: consultation and response to call for information. These comments provide recommendations supporting efforts to tackle online abuse and cybercrime while respectfully urging the UK government to liaise with key security and anti-abuse groups including M3AAWG and its partner organizations as well as key UK-based and international industry stakeholders.

• M3AAWG Comments on NIST Cybersecurity Framework 2.0 Concept Paper

  The Messaging Malware Mobile Anti-Abuse Working Group (M3AAWG) has submitted comments in response to the National Institute on Standards and Technology (NIST) Cybersecurity Framework 2.0 Concept Paper: Potential Significant Updates to the Cybersecurity Framework (CSF Concept Paper), released on January 19, 2023. As discussed in the Comments, M3AAWG generally supports the proposals outlined in the CSF Concept Paper. However, M3AAWG urges NIST to consider the impact of proposals that could potentially dilute the usefulness of a framework originally developed to focus on critical infrastructure cybersecurity risks and needs.​

• National Network to End Domestic Violence (NNEDV) Expert to Provide Keynote Address on Intimate Partner Violence in the Digital Age and Strategies to Prevent Abuse at M3AAWG 56th Meeting

  CONTACT:

• Members Worldwide Gather at 55th General Meeting of the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) in London to Address Current and Emerging Issues in Messaging, Malware and Cybersecurity

  SAN FRANCISCO, Calif., May 27 – Members of the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) will gather June 13-16, 2022 in London as part of its global collaboration on messaging and online abuse.

• Messaging, Malware and Mobile Anti-Abuse Working Group Announces Updated Organizational Priorities, Focus Areas and Initiatives as Online Abuse Evolves

  SAN FRANCISCO, Calif., May 18 – Continuing its widely successful efforts to fight online abuse and enable a safer Internet experience since 2004, the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) today announced plans to focus its work around four key industry topics, including readiness, data and identity protection, communications and supply chain, as it continues the development of the organization.

• Messaging Malware Mobile Anti-Abuse Working Group Honors Troy Hunt of Have I Been Pwned with Mary Litynski Award

  SAN FRANCISCO, Calif., Feb. 22, 2022 – The Mary Litynski Award recognizing lifetime achievement for making the Internet safer has been awarded by the Messaging Malware Mobile Anti-Abuse Working Group (M3AAWG) Troy Hunt, founder of Have I Been Pwned.

• M3AAWG Brand Protection Kit Domain Management

  This document focuses on domain management. It outlines how to protect brands from threat actors who are keen to register domains that mimic a brand in order to steal information and/or assets. 

• M3AAWG Supports EPDP Phase 2A Policy Recommendations for ICANN
• Messaging, Malware and Mobile Anti-abuse Working Group Members Gather to Address Email, Messaging and Online Security and Abuse Issues

  SAN FRANCISCO, Calif., Feb. 10 – The Messaging, Malware and Mobile Anti-abuse Working Group (M3AAWG) will host its 54th general meeting February 21-24, where members of the group will collaborate on messaging delivery and abuse; network and transport security; cybersecurity across devices; and relevant industry standards and policy issues.

• Response to letter dated 30 September 2021
• Coalition Against Stalkerware Named J.D. Falk Award Winner for Raising Awareness About and Helping Victims of Malicious Spying Apps

  

  Award Honors Falk, Antispam Pioneer and a M3AAWG Founding Member

• Recommendations pertaining to findings from the M3AAWG and APWG WHOIS Survey Report presented to ICANN in June, 2021

  As a followup to the June 2021 survey report of cyber investigators and anti-abuse service providers on the ongoing impacts of ICANN’s implementation of the EU GDPR, the Temporary Specification for gTLD Registration Data (Temporary Specification, adopted in May 2018), M3AAWG and the Anti-Phishing Working Group (APWG) has released their recommendations for ICANN'S consideration.

• Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) October General Meeting to Address Online Attacks and Abuse, Privacy and Data Protection and the Role of AI in Abuse Prevention

  Keynote to Examine Threats, Including Spyware, That Threaten Digital Communications

• ICANN Response to M3AAWG and APWG to GDPR WHOIS - User Survey July 2021
• Letter to ICANN on ICANN GDPR User Survey - Three years later

  The M3AAWG letter to ICANN that accompanied the ICANN GDPR WHOIS User Survey compiled jointly by APWG and M3AAWG - Three Years Later.

• ICANN, GDPR, and the WHOIS: A Users Survey - Three Years Later

  M3AAWG and the Anti-Phishing Working Group (APWG) conducted a follow up survey to our 2018 survey of cyber investigators and anti-abuse service providers to determine the ongoing impacts of ICANN’s implementation of the EU GDPR, the Temporary Specification for gTLD Registration Data (Temporary Specification, adopted in May 2018). The report contains our findings and presents some recommendations for consideration.

• Second Security, Stability, and Resiliency (SSR2) Review Team comments 2021

  The Messaging, Malware, and Mobile Anti Abuse Working Group (M3AAWG) welcomes the opportunity to review and submit comments on the final report from ICANN!s Second Securi-ty Stability and Resiliency Review Team (SSR2 RT) to the ICANN Board.  

• M3AAWG Input on NIS2 Directive

  M3AAWG, the Messaging, Malware and Mobile Anti-Abuse Working group, appreciates this opportunity to comment on the Revised Directive on Security of Network and Information Systems (NIS) (https://ec.europa.eu/digital-single-market/en/news/revised-directive-security-network-and-information-systems-nis2). We make these comments in our capacities as cybersecurity professionals and researchers committed to ensuring the security and stability of the internet, including the domain name ecosystem. 

• "Call for comments – Development of a network-level blocking framework to limit botnet traffic and strengthen Canadians ’online safety", Compliance and Enforcement and Telecom Notice of Consultation CRTC 2021-9

  M3AAWG appreciates the invitation to comment on this proceeding.  Paragraph 17 of the call for comments stated: "The Commission seeks input from Internet service subscribers on the first question below, and from all stakeholders on the remaining matters."  

• M3AAWG Best Practices for Sending Mandated Emails to Large Audiences

  There are a number of scenarios in which senders may be required or compelled to send a bulk message despite the fact that such messages are highly likely to exhibit poor delivery metrics such as increased bounces or complaints. These messages are not intended to be used for standard marketing or transactional notices; these are the exceptions to the rule. Prominent examples of high-risk sends would be items such as breach notifications, product recalls, health and safety notices, or other notifications that might need to be sent to individuals who have been previously been suppressed or unsubscribed.

• Exploring the Impact of Nonhuman Interactions on Email Send Metrics

  Received email may not be handled only by a human. It may be partially or even fully handled by a software program. The purpose of this document is to offer guidance to marketing and sales staff about the way that nonhuman interactions (NHI, also known as “automated clicks”) affect the performance metrics of their email messages and reporting systems. This document is not intended to solve issues, but rather to provide insights into the effects of NHI and offer some best practices for senders.

• M3AAWG Gathers for Milestone 50th General Meeting to Continue Fighting Online Abuse

  The Messaging, Malware and Mobile Anti-Abuse Working Group, the largest global industry association working against botnets, malware, spam, viruses, DoS attacks, and other online exploitation, will meet virtually October 12-15; Election security tops agenda

• Should you deploy a TLS 1.3 middlebox?

  
  To inspect or not to inspect, that is the question.

  TLS 1.3 is by far the most secure version of the Transport Layer Security (TLS) protocol, but its use of ephemeral elliptic curve keys--and the deprecation of static RSA keys--means that TLS sessions now offer forward secrecy, a bane to enterprise security administrators who want to maintain visibility into their network traffic.

• M3AAWG GENERAL MEETING INFORMATION FOR NEW ATTENDEES

   

   

  M3AAWG BOD Co-Chair's Video 

• MarTech Interview with Len Shneyder, VP of Industry Relations at Twilio SendGrid

  
  Domain-based Message Authentication, and Reporting, and Conformance is a policy that adds to SPF and DKIM and gives a receiving set of instructions on what they should do when an email they received fails other authentication checks.
  https://martechseries.com/mts-insights/interviews/len-shneyder-twilio-sendgrid/

• M3AAWG Comments on the Initial Report of the Temporary Specification for gTLD Registration Data Phase 2 Expedited Policy Development Process

  M3AAWG, the Messaging, Malware and Mobile Anti-Abuse Working Group, appreciates this opportunity to comment on the Initial Report of the Temporary Specification for gTLD Registration Data Phase 2 Expedited Policy Development Process (https://gnso.icann.org/en/issues/epdp-phase-2-initial-07feb20-en.pdf). 

• M3AAWG Response for ICANN Security Stability and Resiliency Review Team (Two)

  The Messaging, Malware, and Mobile Anti Abuse Working Group (M3AAWG) welcomes the opportunity to review the draft report from ICANN’s Security Stability and Resiliency Review Team (Two).

• Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) Celebrates Jerry Upton’s 15 Years as Executive Director at the 48th General Meeting

  Amy Cadagin Announced as M3AAWG’s New Executive Director 

  SAN FRANCISCO, February 20, 2020 — The Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG), the largest global industry consortium developing collaborative approaches to combat online abuse, today announced that Jerry Upton will retire from his role as M3AAWG’s Executive Director after 15 years of service. He will be succeeded by Amy Cadagin. 

• Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) Celebrates Jerry Upton's 15 Years as Executive Director at the 48th General Meeting

  The Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG), the largest global industry consortium developing collaborative approaches to combat online abuse, today announced that Jerry Upton will retire from his role as M3AAWG's Executive Director after 15 years of service. He will be succeeded by Amy Cadagin.

• Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) Recognizes Cristine Hoepers of CERT.br with Mary Litynski Award

  Largest global industry association working against online exploitation presents Dr. Hoepers, general manager of Brazil’s Computer Emergency Response Team (CERT.br), with annual award for research and training to reduce Internet abuse

• M3AAWG General Meeting Brings Together More than 200 Companies to Fight Online Abuse

  Messaging, Malware and Mobile Anti-Abuse Working Group, the largest global industry association working against botnets, malware, spam, viruses, DoS attacks and other online exploitation, will meet in San Francisco February 17-20

• How to stop email spoofing of parked domains

  
  https://www.csoonline.com/article/3512239/how-to-stop-email-spoofing-of-parked-domains.html
  J.M. Porup includes M3AAWG recommendations on protecting parked domains in an article on the importance of publishing a DMARC record for every domain a business owns.

• Steven Harroun to the panel on “Cybersecurity Risks and Realities” at the Telecommunications Media Forum

  
  https://www.canada.ca/en/radio-television-telecommunications/news/2019/12/steven-harroun-to-the-panel-on-cybersecurity-risks-and-realities-at-the-telecommunications-media-forum.html
  In a transcribed speech, Steven Harroun, chief compliance and enforcement officer, Canadian Radio-television and Telecommunications Commission (CRTC), describes efforts to protect digital economies and societies. He notes the CRTC’s work with groups like M3AAWG, the Internet Corporation for Assigned Names and Numbers and more.

• Louisiana spurns attempted ransomware attack, governor says

  
  https://www.scmagazine.com/home/security-news/ransomware/louisiana-spurns-attempted-ransomware-attack-governor-says/
  Seth Blank, co-chair of M3AAWG’s Election Security Special Interest Group, comments on threats to election integrity for cities and states.

• 3 Cybersecurity Threats Facing Campaigns in 2020

  
  https://www.campaignsandelections.com/campaign-insider/3-cybersecurity-t...
  Seth Blank, co-chair of M3AAWG’s Election Security Special Interest Group, comments on threats to elections, including SIM jacking, domain spoofing and email hacking.

• JPAAWG 2nd General Meeting

  
  https://internet.watch.impress.co.jp/docs/interview/1217983.html
  The Japan Anti-Abuse Working Group (JPAAWG) cooperates with M3AAWG to examine and implement measures against a wide range of email and messaging attacks, such as spam, malware and DDoS.

• M3AAWG Sending Domains Best Common Practices

  When preparing for bulk or transactional email sending, two items require special attention: outbound IP addresses, and the domain names to be used for these communications. For the latter, ESPs (Email Service Providers) go through this set-up process frequently and have to review the same readiness checklist each time. This process may involve individual client preferences and constraints, both legal and technical.

• Messaging, Malware and Mobile Anti-Abuse Working Group (M³AAWG) 47th General Meeting to Address Emerging Threats in Online Exploitation

  SAN FRANCISCO, Oct. 10, 2019 /PRNewswire/ -- The Messaging, Malware and Mobile Anti-Abuse Working Group (M³AAWG), the largest global industry association developing cooperative approaches for fighting online abuse, next week will kick off its 47th General Meeting in Montreal.

• Twilio Joins Anti-Abuse Working Group

  
  https://www.technologybusinesstoday.com/news/article/twilio-joins-anti-abuse-working-group
  Twilio announced that it joined M3AAWG, the premier industry group dedicated to combating bots, malware, spam, viruses, denial-of-service attacks and other online exploitation.

• Technology, law, and the world to protect the Internet: Interview with the standards organization JPAAWG

  
  https://www.atmarkit.co.jp/ait/articles/1910/07/news010.html
  Japan Anti-Abuse Working Group (JPAAWG) launched in May 2019 and works with M3AAWG to focus on Internet security in Japan. ITmedia spoke with Mr. Shuji Sakuraba and Mr. Nobuhiro Suemasa of JPAAWG about the group’s work, including collaboration with M3AAWG.

• AI’s Place in Preventing Piracy

  
  https://www.cablefax.com/technology/rough-seas-ais-place-in-preventing-piracy
  Cable operators are working to prevent disruptions to their networks caused by the streaming of pirated content and DDoS attacks. The article calls out CableLabs’ work with M3AAWG on the DDoS Information Sharing Project.

• Is a DMARC policy really right for everyone?

  
  https://www.valimail.com/blog/dmarc-enforcement-for-everyone/
  Valimail makes the case for DMARC enforcement and notes that M3AAWG recommends enforcement as a deliverability best practice.

• Solving extreme email deliverability mysteries

  
  https://postmarkapp.com/podcast/solving-extreme-email-deliverability-mysteries
  Anna Ward, Postmark’s head of deliverability, discusses her path to becoming an email deliverability expert and the impact of being a part of the M3AAWG community on her work.

• Comments Pertaining to the Domain Abuse Activity Reporting (DAAR) System

  M3AAWG submitted comments to ICANN on April 5, 2019 asking that additional actionable information be included in the DAAR system.  The comments are listed on the ICANN correspondence website at https://www.icann.org/resources/pages/correspondence.

• M3AAWG Email Anti-Abuse Product Evaluation Best Current Practices, Updated March 2019

  Outlining practices used during trial evaluations of messaging anti-abuse products or services, this document provides recommendations on processes and techniques to accurately determine a particular solution’s effectiveness. The March 2019 version includes recommendations affected by newer technology, such as cloud services, and other updates.

• Dave Piscitello Receives M3AAWG Mary Litynski Award for a Lifetime of Fighting DNS and Online Abuse

  San Francisco, February 19, 2019 – As a young security consultant, Dave Piscitello wondered, “how do these guys get away with all this spam and malware?” which led him to take on the challenging work of persuading the online ecosystem to address DNS abuse and related issues through his years at ICANN and in his involvement with other industry associations.

• M3AAWG Best Current Practices for Reporting Phishing URLs

  Phishing continues to be a significant problem for hosting companies, mailbox providers, brand owners and, of course, for every internet user. This document iinforms all of these groups on the best current practices for reporting phishing URLs.

• First Japan Anti-Abuse Working Group General Meeting Shares M3AAWG Work with Emphasis on Regional Issues

  San Francisco, Nov. 1, 2018 – Strengthening Asian efforts to protect the internet and online users, the First General Meeting of the Japan Anti-Abuse Working Group will be held Nov. 8 in Tokyo with security and operational professionals from messaging service providers, cloud hosting services, ISPs and other infrastructure organizations.

• ICANN GDPR WHOIS Policy Eliminates Pre-Emptive Protection of Internet Infrastructure Abuse; Obstructs Routine Forensics to Cybercriminals’ Advantage

  Cambridge, Mass. and San Francisco, Oct. 24, 2018 – A joint APWG-M3AAWG survey of cybercrime responders and anti-abuse personnel indicates ICANN’s Temporary Specification for domain name WHOIS data has eliminated interventions that previously allowed investigators to stop new cybercrimes while still in the preparatory stages -- and has markedly impeded routine mitigations for many kinds of cybercrimes. The survey was submitted to ICANN on Oct. 18 by the Anti-Phishing Working Group and the Messaging, Malware and Mobile Anti-Abuse Working Group.

• Letter to ICANN on ICANN GDPR User Survey

  The M3AAWG letter to ICANN that accompanied the ICANN GDPR WHOIS User Survey compiled jointly by APWG and M3AAWG

• ICANN GDPR and WHOIS Users Survey

  A joint survey conducted by the Anti-Phishing Working Group (APWG) and M3AAWG looks at how cyber investigators use WHOIS data and how the European Union’s General Data Protection Regulation (GDPR) has affected their anti-abuse efforts. The letter from M3AAWG and survey are also available on the ICANN site at https://www.icann.org/en/system/files/correspondence/upton-to-marby-et-a...

• BEC List Recipients of the 2018 M3AAWG JD Falk Award

  The 2018 M3AAWG JD Falk Award was presented October 9 during the M3AAWG 44^th General Meeting in Brooklyn, NY, USA, to:

  Ronnie Tokazowski, BEC List Founder and Administrator,
  Reverse Engineer, Flashpoint, @iHeartMalware

  and the BEC List Members

  A partial listing of companies participating in the Business Email Compromise List as of October 2018:

• “Under the Radar” Industry Group Fighting BEC Phishing Receives 2018 M3AAWG JD Falk Award

  New York, October 9, 2018 – A private, sequestered email group that you probably have never heard of – but that has helped prevent millions of dollars in fraud and assisted in taking down thousands of Nigerian scheme email accounts – was honored today with the 2018 JD Falk Award from the Messaging, Malware and Mobile Anti-Abuse Working Group.

• A M3AAWG Introduction to Addressing Malicious Domain Registrations

  This document focuses on defining malicious domain names and provides a non-exhaustive list of possible actions that can be taken to address them.

• M3AAWG Recommendations: Methods for Sharing Dynamic IP Address Space Information with Others-Updated May 2018 (2008)

  Although M3AAWG recommends blocking outbound port 25 traffic as the best option for controlling the flow of unwanted email traffic from an ISP’s customer space, such blocks may not always be possible, either for the short or long term. This document offers some alternatives for these ISPs by describing methods they can use to share their dynamic space information with others and allow remote sites to reject inbound mail traffic from dynamic address space.

• Temporary Access Method for Non-Public Whois Data, and accompanying accreditation policy points

  Submitted jointly by the Anti-Phishing Working Group (APWG), M3aawg and First, this document describes a short-term method for authorized parties to access non-public WHOIS data via designated IP addresses.

• WHOIS Tiered Access and Accreditation Program

  M3AAWG submitted these short comments to ICANN stating that an expert group from the Anti-Abuse community should be created to facilitate the certification of qualified applicants from the security field.

• Taking on Calendar Spam, Scheduling Developers Organization CalConnect Collaborates with Messaging Anti-Abuse M3AAWG

  McKinleyville, CA and San Francisco, April 5, 2018 – Recognizing that calendar spam is a growing exploitation channel, CalConnect and the global anti-abuse association M3AAWG have joined forces to develop new methods to protect end-users from unsolicited and malicious event notices.  The new liaison between the scheduling developers’ organization and the Messaging, Malware and Mobile Anti-Abuse Working Group will accelerate industry efforts to develop techniques that block invites to fake events and other malicious notices on popular calendaring platforms.

• M3AAWG Compromised User ID Best Practices, Version 1.0.1

  Updated in March 2018, this document addresses problems associated with compromised user accounts. It discusses mitigation techniques and methods of identifying compromised accounts, including recommendations to ensure the long-term security of accounts to prevent “re-compromise.”

• M3AAWG Recommendations for Preserving Investments in New Generic Top-Level Domains (gTLDs)

  Over a thousand new generic Top-Level Domains (gTLDs) have been, or are in, the process of being created under ICANN’s new gTLD program.  This paper is written for current Registry operators and for companies interested in applying for new gTLDs, and outlines the risks and some relatively simple recommendations that can help correct these problems.

• Comments on The Competition, Consumer Trust and Consumer Choice Review Team–New Sections Draft Report of Recommendations

  M3AAWG provided input on the new sections added to the draft ICANN report.  The comments can also be found on the ICANN site at http://mm.icann.org/pipermail/comments-cct-recs-27nov17/attachments/20180107/9b99c6d2/M3AAWG-ICANN-CCT-NewSections-2018-01-0001.pdf

• German Law Enforcement Officials Receive 2017 M3AAWG J.D. Falk Award for Initiating Global Takedown of Avalanche Malware Platform

  Toronto, October 4, 2017 –  M3AAWG honored two German law enforcement officials today for their work in developing the global public/private collaboration that shutdown a massive malware offensive infecting computers in 189 countries and costing victims over $6 million in ransomware payments. Lower Saxony Chief Police Inspector Jörn Bisping and Senior Prosecutor Frank Lange received the 2017 M3AAWG J.D. Falk Award from the Messaging, Malware and Mobile Anti-Abuse Working group for spearheading worldwide efforts to dismantle the criminalized Avalanche platform.

• M3AAWG Introduction to Reflective DDoS Attacks

  Many thousands of individual Distributed Denial-of-Service attacks take place each day. While many of these are relatively small, they are sufficient to take unprepared sites offline and threaten connectivity over large regions of the internet. It is in everyone’s interest to take all possible precautions to thwart these damaging DDoS attacks. This paper provides an overview of how this very common form of attack works, what measures can be taken to help eliminate it and pointers to some of the many technical documents that can provide more detail. Also see the video Understanding and Preventing Reflective DDoS Attacks with M3AAWG Senior Technical Advisor Dr. Richard Clayton of Cambridge University explaining reflective DDoS attacks and some of the actions the industry can take to protect against them.

• El valor de hacerse miembro. Hoja informativa.

  El valor de hacerse miembro. Hoja informativa. – M3AAWG Membership Value and Fact Sheet in Spanish

• Latin American and Caribbean Anti-Abuse Working Group to Collaborate with LACNIC and M3AAWG to Fight Online Threats

  San Francisco, May 4, 2017 – The Latin American and Caribbean Network Operators Group (LACNOG) has chartered a new working group to serve as a regional voice in the global anti-abuse community. The new LAC Anti-Abuse Working Group (LAC-AAWG) will convene experts from regional network operator communities and the global Messaging, Malware and Mobile Anti-Abuse Working Group to encourage industry dialogue, develop recommendations and advance best practices for safeguarding online activities.

• M3AAWG Membership Value and Fact Sheet
• M3AAWG Issues New Papers Explaining Password Security, Multifactor Authentication, Encryption Use and DDoS Safeguards; Announces 2017 Leadership and Committee Chairs

  San Francisco, April 4, 2017 – Addressing current threats such as DDoS attacks and Internet of Things security, the Messaging, Malware and Mobile Anti-Abuse Working Group has released five new best practices papers and created new special interest groups to develop cybersecurity approaches that will help protect end-users. The organization also announced its 2017 leadership and committee chairs who are responsible for supporting the group’s ongoing collaborative efforts and identifying new areas of online vulnerability.

• M3AAWG Initial Recommendations: Arming Businesses Against DDoS Attacks

  Distributed Denial of Service attacks continue to be a major concern. This guide helps businesses prepare for DDoS attacks and, as a side benefit, some of these same techniques can also help businesses that suddenly see a large increase in legitimate customer web traffic.

• André Leduc Receives M3AAWG 2016 JD Falk Award for Operation Safety-Net and CASL Work that Protects Online Users

  Paris, France Oct. 25, 2016 – The lead architect of both a comprehensive report that demystifies online threats for the general public and an important Canadian law that has appreciably reduced spam has received the M3AAWG 2016 JD Falk Award for his contributions to a safer online world.  André Leduc was recognized for spearheading the global Operation Safety-Net best practices report and for his role in developing the Canadian Anti-spam Legislation that requires marketers to obtain users' permission before sending commercial email.

• M3AAWG Best Current Practices For Building and Operating a Spamtrap, Ver. 1.2.0

  Updated in August 2016 as Version 1.2.0, this document is for spamtrap operators who generally use data generated from spamtraps for purposes such as research, evidence collection, infected machine mitigation or mail list leakage and list quality control.

• Using Generic Top Level Domain Registration Information (WHOIS Data) in Anti-Abuse Operations

  WHOIS information plays a key role in determining where to report instances of abuse involving domain names. This paper explains some of the important WHOIS elements used to fight spam, phishing, malware distribution and other threats.

• Global Cyber Alliance Joins Forces with M3AAWG to Drive Industry Adoption of Cybersecurity Solutions

  San Francisco, May 4, 2016 – Global Cyber Alliance – an organization founded by the New York County District Attorney's Office, the City of London Police and the Center for Internet Security – will be collaborating with M3AAWG to push the security community to more quickly adopt concrete, quantifiable practices that can reduce online threats.

• Internet Infrastructure Coalition (i2Coalition) Joins M3AAWG to Reduce Hosting Industry Abuse, Will Fight Spam, Malware and Other Cloud and Hosting Threats

  San Francisco, March 16, 2016 – The Internet Infrastructure Coalition, i2Coalition, has joined the Messaging, Malware and Mobile Anti-Abuse Working Group to continue work on developing best practices for hosting and cloud service companies and to share other information that will protect end-users. Members of the i2Coalition's new Internet Safety Working Group and its Abuse Reporting Discussion List will be participating in M3AAWG meetings and committee work as the two organizations collaborate on threats aimed at the Internet's infrastructure.

• M3AAWG Mobile Messaging Best Practices for Service Providers - Updated August 2015

  These industry best practices are intended to help mitigate the abuse of mobile messaging (i.e., SMS, MMS and RCS), including text messaging and connected services. The guidelines outlined here will assist service providers and vendors in maintaining practical levels of trust and security across an open, globally-interconnected messaging environment. Updated August 2015.

• Anti-Phishing Best Practices for ISPs and Mailbox Providers, Version 2.01, June 2015

  This document was jointly developed by the Anti-Phishing Working Group (APWG) and M3AAWG with technical and business practices to help ISPs and mailbox providers thwart phishing attacks and other malevolent network abuses.  It also includes practices to respond constructively when these attacks occur. Version 2.01 updates the anti-phishing best practices originally published in 2006.

• Operation Safety-Net: Best Practices to Address Online, Mobile, and Telephony Threats

  Written in plain language by M3AAWG and the London Action Plan (LAP), Operation Safety-Net outlines the current and emerging threats faced by consumers, businesses and governments with recommended best practices to address these threats. For a brief overview of the document, see the brochure explaining the global depth and breadth of these best practices in the Supporting Documents section from the For the Industry menu tab.

• M3AAWG Anti-Abuse Best Common Practices for Hosting and Cloud Service Providers

  System abuse drains time and revenue for hosting and cloud providers, who must maintain constant vigilance to make sure their systems are not compromised and ensure that their customers are vigilant. This document categorizes types of abuse, suggests appropriate responses and reviews practices for dealing with customers and complaints. It provides current best common practices in use with the hosting, DNS and domain registration provider communities.

• M3AAWG Best Common Practices for the Use of a Walled Garden, Version 2.0

  These updated best practices outline the criteria for exit, entry, remediation and subscriber education when using a walled garden to remediate virus and bot infections in subscriber devices.

• Comments on Implementation of CSRIC III Cybersecurity Best Practices

  M3AAWG submitted these comments with the new M3AAWG Bot Metrics Report in response to the U.S, Federal Communications Communications request for comments on the status of the implementation of CSRIC III best practices.

• M3AAWG Bot Metrics Report #1 Combined – 2012 and 2013

  Combines data from our first report in 2012 through 2013

• Additional Responses from Dr. Paul Vixie to the U.S. Senate Hearing on "Taking Down Botnets: Public and Private Efforts to Disrupt and Dismantle Cybercriminal Networks"

  Dr. Vixie's August 4th written response to additional questions requested after the hearing on botnet takedowns is also available from the official U.S. Committee on the Judiciary Committee hearing website at
  www.judiciary.senate.gov/download/vixie-qfrs-71514 .

• Dr. Paul Vixie's Testimony at U.S. Senate Hearing on "Taking Down Botnets: Public and Private Efforts to Disrupt and Dismantle Cybercriminal Networks"

  The extended written statement by Dr. Paul Vixie, author of several IETF DNS standards and Farsight Security, Inc. CEO. He also, augments his testimony starting around 1 hour and 34 minutes in the official hearing video (http://bit.ly/BotnetTakedownHearing2014) from the U.S. Senate Committee on the Judiciary website at http://www.judiciary.senate.gov/meetings/taking-down-botnets_public-and-... . Dr. Vixie testified at the July 15, 2014 hearing at the request of M3AAWG.

• M3AAWG Tackles Emerging Security Issues with Industry Collaboration; Also Announces 2014 Leadership

  San Francisco, April 22, 2014 – Tackling security concerns with hosting and cloud storage, pervasive monitoring, identity management, and telephony, the Messaging, Malware and Mobile Anti-Abuse Working Group has announced the formation of four new collaborative special interest groups along with its organizational leadership for 2014.  The new SIGs provide a trusted venue for industry participation on critical issues while M³AAWG continues to support the ongoing work in its core security tracts.

• M3AAWG Feedback Reporting Recommendation

  Just as speaking a common language allows two people to communicate effectively, standards that define the format of abuse reports and the destination address for them increase the effectiveness of network owners in fighting abusive traffic.

• M3AAWG Response to Stakeholder Input on the Role of Governments, ITU-CWG on Internet-related Public Policy Issues

  Submitted to the U.S. State Department in January 2014, responding to its request for Stakeholder Input on the Role of Governments, International Telecommunication Union Council Working Group on Internetprelated Public Policy Issues.

• M3AAWG Comments on the WHOIS Misuse Study

  Submitted to ICANN in response to their misuse survey report.

• M3AAWG Comments on ICANN Misuse Report

  Submitted to ICANN in December 2013 in response to ICANN's misuse survey.

   

• M3AAWG Comments on ICANN EWG Initial Report

  Submitted to ICANN in August 2013 in response to ICANN's Expert Working Group report.

   

• Response to CWG-Internet Request for Online Consultation-Combatting Spam

  Submitted in July 2013 to the ITU Council Working Group on International Internet–Related Public Policy Issues (CWG–Internet) in response to a request for comments on effectively countering and combatting spam.

• M3AAWG Response to CWG-Internet Request for Online Consultation-Combatting Spam

  Submitted to the ITU Council Working Group on International Internet–Related Public Policy Issues (CWG–Internet) in July 2013
  In response to a request for comments on effectively countering and combatting spam.

• M3AAWG Comments on Thick Whois Initial Report

  Submitted to ICANN in July 2013
  Comments on this report can also be viewed on the ICANN site at http://forum.icann.org/lists/comments-thick-whois-initial-21jun13/

• M3AAWG response to NIST Request for Information: Framework for Reducing Cyber Risks to Critical infrastructure

  Submitted to the NIST in April 2013
  Response to two questions in the National Institute of Standards and Technology Request for Information is also posted at the NIST site with comments from other organization

  s.
   

• M3AAWG Announces 2013 Leadership for Fighting Malware and Mobile Abuse

  San Francisco, March 20, 2013 – Emphasizing the need for more cooperative cybersecurity efforts across platforms, the Messaging, Malware and Mobile Anti-Abuse Working Group will continue with a diverse leadership structure for 2013.  Alex Bobotek of AT&T and Chris Roosenraad of Time Warner Cable will continue as M³AAWG Co-Chairmen with Michael O’Reirdan of Comcast continuing as a Board member and M³AAWG Chairman Emeritus.

• Independent Georgia Tech Study Reveals Best Ways to Tell Customers “You’re Botted”

  San Francisco, Feb. 20, 2013 – A bot believed to have netted $14 million in illicit profits has been turned into a golden learning opportunity, yielding important insights into how the online community can best alert and assist customers with infected systems.

• Georgia Tech DNS Changer Remediation Study

  Results by Georgia Tech researchers of a study based on the industry’s response to the DNS Changer Trojan with shared recommendations to help curb future malware outbreaks that was presented at the M3AAWG 27th General Meeting in San Francisco.

  A study presented at the M³AAWG 27^th General Meeting in February 2013 in San Francisco by Georgia Tech researchers Wei Meng, Ruian Duan and Wenke Lee with data provided by the DNS Changer Working Group to determine the most effective methods of notifying end-users of malware infections.

• M3AAWG Comments on CASL Draft Electronic Commerce Protection Regulations

  Submitted to Industry Canada in February 2013 - Letter submitted in response to request for comments on the draft Electronic Commerce Protection Regulations related to CASL.

   

• M3AAWG San Francisco Meeting Addresses Latest Messaging Security Ranging from Mobile Malware to DDoS Attacks

  San Francisco, Jan. 30, 2013 – With the variety of devices in use today and the pervasive connectivity available to users, malware could easily get the upper hand on many networks without corrective measures.  The Feb. 19-21 M³AAWG 27th General Meeting in San Francisco will focus on helping the industry develop the necessary strategies to protect end-users from the latest messaging abuses, whatever the abuse vector or device that is targeted. 

• New Online and Mobile Best Practices Clarify Business and Governmental Security Tactics

  Baltimore, Oct. 24, 2012 – A cooperative international report available today outlines Internet and mobile best practices aimed at curtailing malware, phishing, spyware, bots and other Internet threats, and provides a thorough review of current and emerging threats.

• M3AAWG Conduct Policy

  Conduct Policy Updated and Approved by the M3AAWG Board of Directors June 6, 2024. Original policy Approved by the M3AAWG Board of Directors 1-11-2019

  1. Overall Policy

• M3AAWG Comments on Preliminary Issue Report on Uniformity of Contracts to Address Registration Abuse

  Response to staff recommendations in the ICANN report.

• Comments on Preliminary Issue Report on Uniformity of Contracts to Address Registration Abuse

  Submitted to ICANN in September 2012
  View the preliminary report at http://gnso.icann.org/en/issues/registration-abuse/prelim-issue-report-u... or all submitted comments at http://forum.icann.org/lists/uoc-prelim-issue-report/ on the ICANN site.

   

• Comments on Abuse Contact Management in the RIPE Database

  Submitted to RIPE in August 2012
  Response to RIPE’s proposal to introduce a new contact attribute named "abuse-c

  :"
   

• Nominations Open at M3AAWG for New J.D. Falk Award Honoring Inventive Cyber Security Work

  San Francisco, July 18, 2012 – Seeking to throw a little light on those making the Internet a safer experience for all, the Messaging, Malware and Mobile Anti-Abuse Working Group is now accepting nominations for the first annual J.D. Falk Award, named after the dedicated industry advocate who was instrumental in the growth of M³AAWG and other technical organizations.  The award, developed in conjunction with his employer Return Path, Inc. and his family, celebrates J.D.

• M3AAWG Comments on ICANN WHOIS Policy Review Team Final Report

  Response to the final report from the ICANN WHOIS Policy Review Team

• M3AAWG Comments on WHOIS Policy Review Team Draft Report

  Response to the December 5, 2011 ICANN report from the WHOIS Review Team (WRT).

• MAAWG Evolves into M3 Tackling Messaging, Malware, Mobile; Breaking through “Silo” Thinking, Pushes Industry to Better Cooperation

  San Francisco, February 14, 2012 – The online industry generally acknowledges that viruses and malicious code are spread through spam, yet it seems that malware and messaging security professionals rarely collaborate on threats despite the commonality of their work. The Messaging Anti-Abuse Working Group is pushing the industry to move beyond this “silo” mentality to better protect end-users.

• MAAWG Comments on Protect IP and SOPA

  Submitted to U.S. Congress committees on the judiciary in December 2011
  MAAWG outlined technical issues with S.968, Preventing Real Online Threats to Economic Creativity and Theft of Intellectual Property Act, and H.R.3261, Stop Online Piracy Act, in a letter to the judiciary committees of the U.S. Senate and U.S. House of Representatives.

   

• MAAWG Comments on the Draft Final Report of the Internationalized Registration Data Working Group

  Submitted to ICANN in November 2011
  Responses to ICANN on issues in the draft report covering the intrnationalization of domains can be read on the draft report comment site at http://forum.icann.org/lists/ird-draft-final-report/

   

• MAAWG Comments on Models to Advance Voluntary Corporate Notification to Consumers Regarding the Illicit Use of Computer Equipment by Botnets and Related Malware

  Submitted to NIST in November 2011- Responding to a Request for Information from the U.S. Department of Commerce (DoC) and U.S. Department of Homeland Security (DHS), the comments are also available on the NIST site.

   

• MAAWG Hosts Joint European Meeting with LAP/EU CNSA; French Officials to Address Paris Summit on Spam and Malware

  San Francisco, Oct. 5, 2011 – A global summit of online security experts will convene in Paris at a joint MAAWG-LAP meeting featuring keynotes by important French government officials along with panels of international law enforcement agents, public policy advisors, technologists and academic researchers. Organized around the annual European meeting of the Messaging Anti-Abuse Working Group on Oct.

• MAAWG Comments on National Initiative for Cybersecurity Education (NICE) Draft Strategic Plan

  MAAWG submitted comments in September 2011
  The comments were submitted to the National Institute of Standards and Technologyon its draft NICE plan.

• MAAWG Comments on CRTC's Draft Electronic Commerce Protection Regulations

  A response from MAAWG to the Canadian commission were submitted in September 2011.
  Submitted comments on the regulations to the Canadian Radio-television and Telecommunications Commission (CRTC) draft regulations.

• MAAWG Comments to UK House of Commons Inquiry into Malware and Cyber-crime

  MAAWG submitted a response in September 2011 to the Science and Technology Committee, UK House of Commons
  The committee's inquiry covered a variety of questions related to malware and cyber-crime.

• Comments on "Cybersecurity, Innovation and the Internet Economy" issued June 2011

  MAAWG responded to the Department of Commerce (DOC) Internet Policy Task Force's seventy-seven page green paper on "Cybersecurity, Innovation and the Internet Economy."

• MAAWG Comments on ICANN’s Draft FY2012 Budget

  MAAWG members, and our members' customers, like all Internet users, rely daily on Internet names. MAAWG commented on the proposed budget from the perspective of encouraging ICANN to continue to offer a reliable, high performance, cost effective, scalable and trustworthy system of domain names.

• Comments on ICANN WHOIS Review Team

  MAAWG comments were submitted in April 2011 on the ICANN site in response to the ICANN Call for Public Comment
  Responding to the ICANN WHOIS Review Team, MAAWG submitted comments on the useablity, access, accuracy and reliability of WHOIS and on the improvement of WDPRS.

• First China-U.S. Effort to Fight Spam
  (Joint News Release issued with EastWest Institute)
• Incoming State Attorneys General Association President McKenna and FTC Consumer Protection Director Vladeck To Address Online Protection at MAAWG; Global Gathering Tackles Cybersecurity Policy, Technology, Mobile and Social Platforms

• Comments on UK BIS Consultation on Implementing the Revised EU Electronic Communications Framework

  MAAWG comments were submitted December 2010 in response to the BIS proposal.
  The UK Department for Business Innovation and Skills launched its proposals for implementing the revised EU Electronic Communications Framework. The BIS document set out their preferred approach to implementation and asked questions on a limited number of specific issues.

• MAAWG Response to U.S. Department of Commerce’s Internet Policy Task Force on the Global Free Flow of Information on the Internet

  MAAWG comments were submitted November 2010 in response to the DoC request.
  The U.S. Department of Commerce’s Internet Policy Task Force requested comments on government policies that restrict Internet information flow, seeking to understand why these restrictions have been instituted; what, if any, impact they have, and how to address negative impacts. The DoC will publish a report contributing to the Administration’s domestic policy and international engagement on these issues.

• MAAWG Comments on ICANN FY 11 Update to Plan for Enhancing Internet Security, Stability & Resiliency

  MAAWG comments were submitted November 2010 in response to ICANN’s Plan.
  ICANN requested comments on an update to its initial plan that will be implemented in the 2010-2011 operational year. The updated plan is intended as a baseline document for ICANN and its community for organizing its security, stability and resiliency efforts.

• MAAWG Develops First Industry Best Practices for Protecting Web Messaging Consumers; Also Issues Practices for Email Complaint Feedback Loops and Evaluating Anti-Abuse Products for Email Operators
  San Francisco, October 28, 2010 –The first industry best practices to help Web messaging and social networking operators protect users of their Web mail, direct messaging and SMS services from spam and other cyber attacks have been released by the Messaging Anti-Abuse Working Group (MAAWG). MAAWG also published two other new best practices papers clarifying conventional email processes for incorporating consumer complaint feedback loops and to assist ISPs in evaluating anti-abuse tools.

   
• MAAWG Comments on ICANN Study on the Prevalence of Domain Names Registered Using a Privacy or Proxy Registration Service

  MAAWG comments were submitted October 2010 based on the ICANN request.
  ICANN conducted an exploratory study in 2009 to assess an approximate percentage of domain names (through a statistical sampling plan) contained in the top 5 gTLD registries that used privacy or proxy registration services. The study indicated that at least 18% (and probably not much more than 20%) of the domain names contained in the top 5 gTLD registries used privacy or proxy registration services.

• MAAWG Letter Regarding Canadian Fighting Internet and Wireless Spam Act (FISA)

  The MAAWG letter supporting elements of FISA (see www2.parl.gc.ca/Sites/LOP/LEGISINFO/index.asp?Language=E&list=agenda) was submitted September 2010.
  MAAWG submitted a letter supporting the global sharing of abuse-fighting information between law enforcement that is included in Canadian Bill C-28 establishing the federal Fighting Internet and Wireless Spam Act (“FISA”).

• MAAWG Comments on Department of Commerce Cybersecurity, Innovation and the Internet Economy

  MAAWG comments were submitted to the Department of Commerce’s request in September 2010. The DoC site has all submitted comments.
  The Department of Commerce’s Internet Policy Task Force undertook a comprehensive review of the nexus between cybersecurity challenges in the commercial sector and innovation in the Internet economy. The Department was seeking comments on measures to improve cybersecurity while sustaining innovation.

• MAAWG Comments on National Broadband Plan Recommendation to Create a Cybersecurity Roadmap

  MAAWG comments were submitted in response to U.S. Federal Communications Commission recommendations in September 2010.
  The U.S. FCC’s Public Safety and Homeland Security Bureau (PSHSB) requested comment on the creation of a Cybersecurity Roadmap. The plan would identify vulnerabilities to communications networks or end-users and develop countermeasures and solutions in preparation for, and response to, cyber threats and attacks in coordination with federal partners.

• Facebook and Tata Communications Join MAAWG Board of Directors; Will Fight Spam and Online Abuse with Global Industry Organization

  San Francisco, Aug. 18, 2010 – Demonstrating their commitment to work with the international online industry to protect consumers, Facebook and Tata Communications, a leading global telecom service provider that is part of India’s Tata Group, have joined the Messaging Anti-Abuse Working Group at the organization’s highest membership level and will serve on the MAAWG Board of Directors.

• MAAWG Response to ICANN's Initial Report on Proposals for Improvements to the Registrar Accreditation Agreement (RAA)

  The MAAWG response was submitted July 2010 in response to ICANN’s initial report for RAA improvements.
  The ICANN report describes recommendations on the proposed form of a Registrant Rights and Responsibilities Charter, and describing the potential topics for additional amendments to the RAA. It also includes a proposal for next steps the GNSO Council should consider in determining whether to recommend the ICANN Board adopt a new form RAA.

• MAAWG Response to National Strategy for Trusted Identities in Cyberspace

  MAAWG offered comments on the U.S. Department of Homeland Security’s strategy in July 2010
  The U.S. Department of Homeland Security’s draft plan is focused on maintaining a secure cyberspace, which is critical to the health of the economy and national security. It outlines how the federal government might address the recent and alarming rise in online fraud, identity theft, and misuse of information online.

• MAAWG Overview of DNS Security - Port 53 Protection

  This paper briefly discusses how an DNS attack works, the impact of this threat, proposes a solution and discusses the advantages and disadvantages from a technical, business and regulatory standpoint

• MAAWG Hosts GSMA Security Group in Europe Industry Meeting Attacks Spam Across Platforms, Promotes International, Industry-wide Cooperation
  San Francisco, May 18, 2010 –The Messaging Anti-Abuse Working Group will host the GSMA Security Group at the MAAWG 19^th General Meeting in Barcelona on June 8-10 with a multi-track event focusing on all forms of spam delivery, including mobile, broadband, terrestrial and Web messaging. The meeting will also feature an insiders’ panel discussing the recent crackdown on the Mariposa botnet, sessions on mobile spam and abuse reporting technologies, and a look at critical technical and international public policy issues affecting abuse abatement.
• MAAWG Comments on ARIN Draft Policy 2010-3 “Customer Confidentiality”

  MAAWG submitted comments in March 2010. As recommended by MAAWG and others, ARIN changed course on this topic.
  The initial draft policy would have allowed ISPs to hide the true customer of a domain name. The revised Version 2 policy that was implemented recognized the need for the customer name to remain in the SWIP and RWHOIS information.

• Key Findings of the 2010 MAAWG Email Security Awareness and Usage Survey

  Summarizing the highlights of the consumer survey covering North America and Western Europe with the main graphs.

• Consumers Don’t Relate Bot Infections to Risky Behavior As Millions Continue to Click on Spam; MAAWG 2010 Email Security Consumer Survey Expands to North America and Western Europe
• Industry Experts Gather at MAAWG to “Protect the End User”; Messaging Anti-Abuse Working Group Advances Innovative Practices to Safeguard Consumers from Spam and Bots

  San Francisco, Jan. 28, 2010 – With the participation of some of the industry’s largest ISPs, email providers and Internet companies, the Messaging Anti-Abuse Working Group (MAAWG) is focusing on how to better protect the end user from spam, bots and other messaging exploitations during its February meeting in San Francisco.  The three-day, multi-track event will feature experts from Google, Mozilla, Microsoft, all the major anti-virus vendors, social networking sites, and anti-spam researchers, among others.

• MAAWG Comments, FCC’s In the Matter of Preserving the Open Internet, GN Docket No. 09-191, WC Docket No. 07-52, Notice of Proposed Rulemaking, FCC 09-93 (Rel. Oct. 22, 2009)

  MAAWG submitted these comments in January 2010 to the U.S. Federal Communications Commission on its open Internet proposal. The FCC requested public input on draft rules to preserve an open Internet. The FCC is seeking to preserve a platform based on a historically open architecture that has been accessible to anyone with a basic knowledge of its protocols.

• M3AAWG Common Best Practices for Mitigating Large Scale Bot Infections in Residential Networks

  Note:  This M3AAWG best practices paper has been replaced by RFC 6561 Remediation of Bots in ISP Networks, March 2012 from the IETF.

  Note:  This MAAWG best practices paper has been replaced by RFC 6561 Remediation of Bots in ISP Networks, March 2012 from the IETF.

• Abuse Desk Common Practices

  A summary of the most effective abuse desk best practices from MAAWG service providers

Best Practices

• M3AAWG DNS Abuse Prevention, Remediation, and Mitigation Practices for Registrars and Registries

  This document is intended to provide concrete best practices for preventing or mitigating malicious or compromised domains at the registry or registrar level. A fundamental gap within the DNS community exists for how registries and registrars can best operationally effectuate anti-abuse mechanisms specific to malicious or compromised domains. M3AAWG hopes this document will help inform relevant DNS stakeholders and promote a safer and more secure DNS ecosystem. 

• M3AAWG Best Common Practices for Managing Port 25 for IP Networks

  This document is an update to our previous "Managing Port 25 for Residential or Dynamic IP Space - Benefits of Adoption and Risks of Inaction" document published in 2005.

  Spammers and other abusers often use viruses and spyware as vehicles to assume control over large numbers of computers. By managing the sending of email from devices on their network, providers can reduce the costs of running their business, increase customer satisfaction, and reduce the level of internet abuse associated with their service.

• M3AAWG Present and Future of the Public Suffix List

  This document describes the PSL, explains its current strengths and limitations, and outlines some possible future enhancements. Most importantly, though, the community must step up and help to make sure it continues to exist. 

• M3AAWG Ransomware Active Attack Response Best Common Practices

  This document addresses the options available if you realize that you are a victim of a Ransomware attack. It explains how to consider risks and alternatives in resolving the recovery and supporting continuity for your business, and how to tackle those issues. 

• M3AAWG Brand Protection Kit Domain Management

  This document focuses on domain management. It outlines how to protect brands from threat actors who are keen to register domains that mimic a brand in order to steal information and/or assets. 

• M3AAWG Best Practices for Sending Mandated Emails to Large Audiences

  There are a number of scenarios in which senders may be required or compelled to send a bulk message despite the fact that such messages are highly likely to exhibit poor delivery metrics such as increased bounces or complaints. These messages are not intended to be used for standard marketing or transactional notices; these are the exceptions to the rule. Prominent examples of high-risk sends would be items such as breach notifications, product recalls, health and safety notices, or other notifications that might need to be sent to individuals who have been previously been suppressed or unsubscribed.

• Exploring the Impact of Nonhuman Interactions on Email Send Metrics

  Received email may not be handled only by a human. It may be partially or even fully handled by a software program. The purpose of this document is to offer guidance to marketing and sales staff about the way that nonhuman interactions (NHI, also known as “automated clicks”) affect the performance metrics of their email messages and reporting systems. This document is not intended to solve issues, but rather to provide insights into the effects of NHI and offer some best practices for senders.

• M3AAWG Comments on the Initial Report of the Temporary Specification for gTLD Registration Data Phase 2 Expedited Policy Development Process

  M3AAWG, the Messaging, Malware and Mobile Anti-Abuse Working Group, appreciates this opportunity to comment on the Initial Report of the Temporary Specification for gTLD Registration Data Phase 2 Expedited Policy Development Process (https://gnso.icann.org/en/issues/epdp-phase-2-initial-07feb20-en.pdf). 

• M3AAWG Response for ICANN Security Stability and Resiliency Review Team (Two)

  The Messaging, Malware, and Mobile Anti Abuse Working Group (M3AAWG) welcomes the opportunity to review the draft report from ICANN’s Security Stability and Resiliency Review Team (Two).

• M3AAWG Sending Domains Best Common Practices

  When preparing for bulk or transactional email sending, two items require special attention: outbound IP addresses, and the domain names to be used for these communications. For the latter, ESPs (Email Service Providers) go through this set-up process frequently and have to review the same readiness checklist each time. This process may involve individual client preferences and constraints, both legal and technical.

• M3AAWG Email Anti-Abuse Product Evaluation Best Current Practices, Updated March 2019

  Outlining practices used during trial evaluations of messaging anti-abuse products or services, this document provides recommendations on processes and techniques to accurately determine a particular solution’s effectiveness. The March 2019 version includes recommendations affected by newer technology, such as cloud services, and other updates.

• M3AAWG Best Current Practices for Reporting Phishing URLs

  Phishing continues to be a significant problem for hosting companies, mailbox providers, brand owners and, of course, for every internet user. This document iinforms all of these groups on the best current practices for reporting phishing URLs.

• A M3AAWG Introduction to Addressing Malicious Domain Registrations

  This document focuses on defining malicious domain names and provides a non-exhaustive list of possible actions that can be taken to address them.

• M3AAWG Recommendations: Methods for Sharing Dynamic IP Address Space Information with Others-Updated May 2018 (2008)

  Although M3AAWG recommends blocking outbound port 25 traffic as the best option for controlling the flow of unwanted email traffic from an ISP’s customer space, such blocks may not always be possible, either for the short or long term. This document offers some alternatives for these ISPs by describing methods they can use to share their dynamic space information with others and allow remote sites to reject inbound mail traffic from dynamic address space.

• M3AAWG Compromised User ID Best Practices, Version 1.0.1

  Updated in March 2018, this document addresses problems associated with compromised user accounts. It discusses mitigation techniques and methods of identifying compromised accounts, including recommendations to ensure the long-term security of accounts to prevent “re-compromise.”

• M3AAWG Recommendations for Preserving Investments in New Generic Top-Level Domains (gTLDs)

  Over a thousand new generic Top-Level Domains (gTLDs) have been, or are in, the process of being created under ICANN’s new gTLD program.  This paper is written for current Registry operators and for companies interested in applying for new gTLDs, and outlines the risks and some relatively simple recommendations that can help correct these problems.

• M3AAWG Introduction to Reflective DDoS Attacks

  Many thousands of individual Distributed Denial-of-Service attacks take place each day. While many of these are relatively small, they are sufficient to take unprepared sites offline and threaten connectivity over large regions of the internet. It is in everyone’s interest to take all possible precautions to thwart these damaging DDoS attacks. This paper provides an overview of how this very common form of attack works, what measures can be taken to help eliminate it and pointers to some of the many technical documents that can provide more detail. Also see the video Understanding and Preventing Reflective DDoS Attacks with M3AAWG Senior Technical Advisor Dr. Richard Clayton of Cambridge University explaining reflective DDoS attacks and some of the actions the industry can take to protect against them.

• M3AAWG Initial Recommendations: Arming Businesses Against DDoS Attacks

  Distributed Denial of Service attacks continue to be a major concern. This guide helps businesses prepare for DDoS attacks and, as a side benefit, some of these same techniques can also help businesses that suddenly see a large increase in legitimate customer web traffic.

• M3AAWG Best Current Practices For Building and Operating a Spamtrap, Ver. 1.2.0

  Updated in August 2016 as Version 1.2.0, this document is for spamtrap operators who generally use data generated from spamtraps for purposes such as research, evidence collection, infected machine mitigation or mail list leakage and list quality control.

• Using Generic Top Level Domain Registration Information (WHOIS Data) in Anti-Abuse Operations

  WHOIS information plays a key role in determining where to report instances of abuse involving domain names. This paper explains some of the important WHOIS elements used to fight spam, phishing, malware distribution and other threats.

• M3AAWG Mobile Messaging Best Practices for Service Providers - Updated August 2015

  These industry best practices are intended to help mitigate the abuse of mobile messaging (i.e., SMS, MMS and RCS), including text messaging and connected services. The guidelines outlined here will assist service providers and vendors in maintaining practical levels of trust and security across an open, globally-interconnected messaging environment. Updated August 2015.

• Anti-Phishing Best Practices for ISPs and Mailbox Providers, Version 2.01, June 2015

  This document was jointly developed by the Anti-Phishing Working Group (APWG) and M3AAWG with technical and business practices to help ISPs and mailbox providers thwart phishing attacks and other malevolent network abuses.  It also includes practices to respond constructively when these attacks occur. Version 2.01 updates the anti-phishing best practices originally published in 2006.

• Operation Safety-Net: Best Practices to Address Online, Mobile, and Telephony Threats

  Written in plain language by M3AAWG and the London Action Plan (LAP), Operation Safety-Net outlines the current and emerging threats faced by consumers, businesses and governments with recommended best practices to address these threats. For a brief overview of the document, see the brochure explaining the global depth and breadth of these best practices in the Supporting Documents section from the For the Industry menu tab.

• M3AAWG Anti-Abuse Best Common Practices for Hosting and Cloud Service Providers

  System abuse drains time and revenue for hosting and cloud providers, who must maintain constant vigilance to make sure their systems are not compromised and ensure that their customers are vigilant. This document categorizes types of abuse, suggests appropriate responses and reviews practices for dealing with customers and complaints. It provides current best common practices in use with the hosting, DNS and domain registration provider communities.

• M3AAWG Best Common Practices for the Use of a Walled Garden, Version 2.0

  These updated best practices outline the criteria for exit, entry, remediation and subscriber education when using a walled garden to remediate virus and bot infections in subscriber devices.

• M3AAWG Feedback Reporting Recommendation

  Just as speaking a common language allows two people to communicate effectively, standards that define the format of abuse reports and the destination address for them increase the effectiveness of network owners in fighting abusive traffic.

• MAAWG Overview of DNS Security - Port 53 Protection

  This paper briefly discusses how an DNS attack works, the impact of this threat, proposes a solution and discusses the advantages and disadvantages from a technical, business and regulatory standpoint

• M3AAWG Common Best Practices for Mitigating Large Scale Bot Infections in Residential Networks

  Note:  This M3AAWG best practices paper has been replaced by RFC 6561 Remediation of Bots in ISP Networks, March 2012 from the IETF.

  Note:  This MAAWG best practices paper has been replaced by RFC 6561 Remediation of Bots in ISP Networks, March 2012 from the IETF.

• Abuse Desk Common Practices

  A summary of the most effective abuse desk best practices from MAAWG service providers

Public Policy

• M3AAWG Comments on Powers in Relation to UK-Related Domain Name Registries

  M³AAWG recognizes that the scope of the powers described in the proposals is limited to situations where there has been a serious relevant failure in relation to an internet domain registry or any of its registrars in scope country code top-level domains (.uk) and generic top level domains (gTLDs) (.scot / .wales / .cymru / .london) that are targeting the UK. We generally support the powers in order to protect the public from harm in these limited circumstances. View the document to review the full scope of comments submitted.

  Comments Submitted: August 31, 2023

Messaging

• M3AAWG Comments on the NTIA's Introduction of Accountable Measures Regarding Access to Personal Information of .us Registrants

  M3AAWG has submitted comments on the National Telecommunications and Information Administration's Introduction of Accountable Measures Regarding Access to Personal Information of .us Registrants. In this set of Comments, M3AAWG urges the Agency NOT to implement the potential changes described in this request for comments. Read more for additional insight into M3AAWG's submission.

• National Network to End Domestic Violence (NNEDV) Expert to Provide Keynote Address on Intimate Partner Violence in the Digital Age and Strategies to Prevent Abuse at M3AAWG 56th Meeting

  CONTACT:

• Members Worldwide Gather at 55th General Meeting of the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) in London to Address Current and Emerging Issues in Messaging, Malware and Cybersecurity

  SAN FRANCISCO, Calif., May 27 – Members of the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) will gather June 13-16, 2022 in London as part of its global collaboration on messaging and online abuse.

• Messaging, Malware and Mobile Anti-Abuse Working Group Announces Updated Organizational Priorities, Focus Areas and Initiatives as Online Abuse Evolves

  SAN FRANCISCO, Calif., May 18 – Continuing its widely successful efforts to fight online abuse and enable a safer Internet experience since 2004, the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) today announced plans to focus its work around four key industry topics, including readiness, data and identity protection, communications and supply chain, as it continues the development of the organization.

• M3AAWG Brand Protection Kit Domain Management

  This document focuses on domain management. It outlines how to protect brands from threat actors who are keen to register domains that mimic a brand in order to steal information and/or assets. 

• M3AAWG Supports EPDP Phase 2A Policy Recommendations for ICANN
• Messaging, Malware and Mobile Anti-abuse Working Group Members Gather to Address Email, Messaging and Online Security and Abuse Issues

  SAN FRANCISCO, Calif., Feb. 10 – The Messaging, Malware and Mobile Anti-abuse Working Group (M3AAWG) will host its 54th general meeting February 21-24, where members of the group will collaborate on messaging delivery and abuse; network and transport security; cybersecurity across devices; and relevant industry standards and policy issues.

• Response to letter dated 30 September 2021
• Coalition Against Stalkerware Named J.D. Falk Award Winner for Raising Awareness About and Helping Victims of Malicious Spying Apps

  

  Award Honors Falk, Antispam Pioneer and a M3AAWG Founding Member

• Recommendations pertaining to findings from the M3AAWG and APWG WHOIS Survey Report presented to ICANN in June, 2021

  As a followup to the June 2021 survey report of cyber investigators and anti-abuse service providers on the ongoing impacts of ICANN’s implementation of the EU GDPR, the Temporary Specification for gTLD Registration Data (Temporary Specification, adopted in May 2018), M3AAWG and the Anti-Phishing Working Group (APWG) has released their recommendations for ICANN'S consideration.

• Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) October General Meeting to Address Online Attacks and Abuse, Privacy and Data Protection and the Role of AI in Abuse Prevention

  Keynote to Examine Threats, Including Spyware, That Threaten Digital Communications

• ICANN Response to M3AAWG and APWG to GDPR WHOIS - User Survey July 2021
• Letter to ICANN on ICANN GDPR User Survey - Three years later

  The M3AAWG letter to ICANN that accompanied the ICANN GDPR WHOIS User Survey compiled jointly by APWG and M3AAWG - Three Years Later.

• ICANN, GDPR, and the WHOIS: A Users Survey - Three Years Later

  M3AAWG and the Anti-Phishing Working Group (APWG) conducted a follow up survey to our 2018 survey of cyber investigators and anti-abuse service providers to determine the ongoing impacts of ICANN’s implementation of the EU GDPR, the Temporary Specification for gTLD Registration Data (Temporary Specification, adopted in May 2018). The report contains our findings and presents some recommendations for consideration.

• Second Security, Stability, and Resiliency (SSR2) Review Team comments 2021

  The Messaging, Malware, and Mobile Anti Abuse Working Group (M3AAWG) welcomes the opportunity to review and submit comments on the final report from ICANN!s Second Securi-ty Stability and Resiliency Review Team (SSR2 RT) to the ICANN Board.  

• M3AAWG Input on NIS2 Directive

  M3AAWG, the Messaging, Malware and Mobile Anti-Abuse Working group, appreciates this opportunity to comment on the Revised Directive on Security of Network and Information Systems (NIS) (https://ec.europa.eu/digital-single-market/en/news/revised-directive-security-network-and-information-systems-nis2). We make these comments in our capacities as cybersecurity professionals and researchers committed to ensuring the security and stability of the internet, including the domain name ecosystem. 

• M3AAWG Best Practices for Sending Mandated Emails to Large Audiences

  There are a number of scenarios in which senders may be required or compelled to send a bulk message despite the fact that such messages are highly likely to exhibit poor delivery metrics such as increased bounces or complaints. These messages are not intended to be used for standard marketing or transactional notices; these are the exceptions to the rule. Prominent examples of high-risk sends would be items such as breach notifications, product recalls, health and safety notices, or other notifications that might need to be sent to individuals who have been previously been suppressed or unsubscribed.

• Exploring the Impact of Nonhuman Interactions on Email Send Metrics

  Received email may not be handled only by a human. It may be partially or even fully handled by a software program. The purpose of this document is to offer guidance to marketing and sales staff about the way that nonhuman interactions (NHI, also known as “automated clicks”) affect the performance metrics of their email messages and reporting systems. This document is not intended to solve issues, but rather to provide insights into the effects of NHI and offer some best practices for senders.

• M3AAWG Gathers for Milestone 50th General Meeting to Continue Fighting Online Abuse

  The Messaging, Malware and Mobile Anti-Abuse Working Group, the largest global industry association working against botnets, malware, spam, viruses, DoS attacks, and other online exploitation, will meet virtually October 12-15; Election security tops agenda

• Should you deploy a TLS 1.3 middlebox?

  
  To inspect or not to inspect, that is the question.

  TLS 1.3 is by far the most secure version of the Transport Layer Security (TLS) protocol, but its use of ephemeral elliptic curve keys--and the deprecation of static RSA keys--means that TLS sessions now offer forward secrecy, a bane to enterprise security administrators who want to maintain visibility into their network traffic.

• M3AAWG GENERAL MEETING INFORMATION FOR NEW ATTENDEES

   

   

  M3AAWG BOD Co-Chair's Video 

• MarTech Interview with Len Shneyder, VP of Industry Relations at Twilio SendGrid

  
  Domain-based Message Authentication, and Reporting, and Conformance is a policy that adds to SPF and DKIM and gives a receiving set of instructions on what they should do when an email they received fails other authentication checks.
  https://martechseries.com/mts-insights/interviews/len-shneyder-twilio-sendgrid/

• M3AAWG Comments on the Initial Report of the Temporary Specification for gTLD Registration Data Phase 2 Expedited Policy Development Process

  M3AAWG, the Messaging, Malware and Mobile Anti-Abuse Working Group, appreciates this opportunity to comment on the Initial Report of the Temporary Specification for gTLD Registration Data Phase 2 Expedited Policy Development Process (https://gnso.icann.org/en/issues/epdp-phase-2-initial-07feb20-en.pdf). 

• M3AAWG Response for ICANN Security Stability and Resiliency Review Team (Two)

  The Messaging, Malware, and Mobile Anti Abuse Working Group (M3AAWG) welcomes the opportunity to review the draft report from ICANN’s Security Stability and Resiliency Review Team (Two).

• Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) Celebrates Jerry Upton’s 15 Years as Executive Director at the 48th General Meeting

  Amy Cadagin Announced as M3AAWG’s New Executive Director 

  SAN FRANCISCO, February 20, 2020 — The Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG), the largest global industry consortium developing collaborative approaches to combat online abuse, today announced that Jerry Upton will retire from his role as M3AAWG’s Executive Director after 15 years of service. He will be succeeded by Amy Cadagin. 

• Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) Celebrates Jerry Upton's 15 Years as Executive Director at the 48th General Meeting

  The Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG), the largest global industry consortium developing collaborative approaches to combat online abuse, today announced that Jerry Upton will retire from his role as M3AAWG's Executive Director after 15 years of service. He will be succeeded by Amy Cadagin.

• Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) Recognizes Cristine Hoepers of CERT.br with Mary Litynski Award

  Largest global industry association working against online exploitation presents Dr. Hoepers, general manager of Brazil’s Computer Emergency Response Team (CERT.br), with annual award for research and training to reduce Internet abuse

• M3AAWG General Meeting Brings Together More than 200 Companies to Fight Online Abuse

  Messaging, Malware and Mobile Anti-Abuse Working Group, the largest global industry association working against botnets, malware, spam, viruses, DoS attacks and other online exploitation, will meet in San Francisco February 17-20

• How to stop email spoofing of parked domains

  
  https://www.csoonline.com/article/3512239/how-to-stop-email-spoofing-of-parked-domains.html
  J.M. Porup includes M3AAWG recommendations on protecting parked domains in an article on the importance of publishing a DMARC record for every domain a business owns.

• Steven Harroun to the panel on “Cybersecurity Risks and Realities” at the Telecommunications Media Forum

  
  https://www.canada.ca/en/radio-television-telecommunications/news/2019/12/steven-harroun-to-the-panel-on-cybersecurity-risks-and-realities-at-the-telecommunications-media-forum.html
  In a transcribed speech, Steven Harroun, chief compliance and enforcement officer, Canadian Radio-television and Telecommunications Commission (CRTC), describes efforts to protect digital economies and societies. He notes the CRTC’s work with groups like M3AAWG, the Internet Corporation for Assigned Names and Numbers and more.

• Louisiana spurns attempted ransomware attack, governor says

  
  https://www.scmagazine.com/home/security-news/ransomware/louisiana-spurns-attempted-ransomware-attack-governor-says/
  Seth Blank, co-chair of M3AAWG’s Election Security Special Interest Group, comments on threats to election integrity for cities and states.

• 3 Cybersecurity Threats Facing Campaigns in 2020

  
  https://www.campaignsandelections.com/campaign-insider/3-cybersecurity-t...
  Seth Blank, co-chair of M3AAWG’s Election Security Special Interest Group, comments on threats to elections, including SIM jacking, domain spoofing and email hacking.

• JPAAWG 2nd General Meeting

  
  https://internet.watch.impress.co.jp/docs/interview/1217983.html
  The Japan Anti-Abuse Working Group (JPAAWG) cooperates with M3AAWG to examine and implement measures against a wide range of email and messaging attacks, such as spam, malware and DDoS.

• M3AAWG Sending Domains Best Common Practices

  When preparing for bulk or transactional email sending, two items require special attention: outbound IP addresses, and the domain names to be used for these communications. For the latter, ESPs (Email Service Providers) go through this set-up process frequently and have to review the same readiness checklist each time. This process may involve individual client preferences and constraints, both legal and technical.

• Messaging, Malware and Mobile Anti-Abuse Working Group (M³AAWG) 47th General Meeting to Address Emerging Threats in Online Exploitation

  SAN FRANCISCO, Oct. 10, 2019 /PRNewswire/ -- The Messaging, Malware and Mobile Anti-Abuse Working Group (M³AAWG), the largest global industry association developing cooperative approaches for fighting online abuse, next week will kick off its 47th General Meeting in Montreal.

• Twilio Joins Anti-Abuse Working Group

  
  https://www.technologybusinesstoday.com/news/article/twilio-joins-anti-abuse-working-group
  Twilio announced that it joined M3AAWG, the premier industry group dedicated to combating bots, malware, spam, viruses, denial-of-service attacks and other online exploitation.

• Technology, law, and the world to protect the Internet: Interview with the standards organization JPAAWG

  
  https://www.atmarkit.co.jp/ait/articles/1910/07/news010.html
  Japan Anti-Abuse Working Group (JPAAWG) launched in May 2019 and works with M3AAWG to focus on Internet security in Japan. ITmedia spoke with Mr. Shuji Sakuraba and Mr. Nobuhiro Suemasa of JPAAWG about the group’s work, including collaboration with M3AAWG.

• AI’s Place in Preventing Piracy

  
  https://www.cablefax.com/technology/rough-seas-ais-place-in-preventing-piracy
  Cable operators are working to prevent disruptions to their networks caused by the streaming of pirated content and DDoS attacks. The article calls out CableLabs’ work with M3AAWG on the DDoS Information Sharing Project.

• Is a DMARC policy really right for everyone?

  
  https://www.valimail.com/blog/dmarc-enforcement-for-everyone/
  Valimail makes the case for DMARC enforcement and notes that M3AAWG recommends enforcement as a deliverability best practice.

• Solving extreme email deliverability mysteries

  
  https://postmarkapp.com/podcast/solving-extreme-email-deliverability-mysteries
  Anna Ward, Postmark’s head of deliverability, discusses her path to becoming an email deliverability expert and the impact of being a part of the M3AAWG community on her work.

• Comments Pertaining to the Domain Abuse Activity Reporting (DAAR) System

  M3AAWG submitted comments to ICANN on April 5, 2019 asking that additional actionable information be included in the DAAR system.  The comments are listed on the ICANN correspondence website at https://www.icann.org/resources/pages/correspondence.

• M3AAWG Email Anti-Abuse Product Evaluation Best Current Practices, Updated March 2019

  Outlining practices used during trial evaluations of messaging anti-abuse products or services, this document provides recommendations on processes and techniques to accurately determine a particular solution’s effectiveness. The March 2019 version includes recommendations affected by newer technology, such as cloud services, and other updates.

• Dave Piscitello Receives M3AAWG Mary Litynski Award for a Lifetime of Fighting DNS and Online Abuse

  San Francisco, February 19, 2019 – As a young security consultant, Dave Piscitello wondered, “how do these guys get away with all this spam and malware?” which led him to take on the challenging work of persuading the online ecosystem to address DNS abuse and related issues through his years at ICANN and in his involvement with other industry associations.

• M3AAWG Best Current Practices for Reporting Phishing URLs

  Phishing continues to be a significant problem for hosting companies, mailbox providers, brand owners and, of course, for every internet user. This document iinforms all of these groups on the best current practices for reporting phishing URLs.

• First Japan Anti-Abuse Working Group General Meeting Shares M3AAWG Work with Emphasis on Regional Issues

  San Francisco, Nov. 1, 2018 – Strengthening Asian efforts to protect the internet and online users, the First General Meeting of the Japan Anti-Abuse Working Group will be held Nov. 8 in Tokyo with security and operational professionals from messaging service providers, cloud hosting services, ISPs and other infrastructure organizations.

• ICANN GDPR WHOIS Policy Eliminates Pre-Emptive Protection of Internet Infrastructure Abuse; Obstructs Routine Forensics to Cybercriminals’ Advantage

  Cambridge, Mass. and San Francisco, Oct. 24, 2018 – A joint APWG-M3AAWG survey of cybercrime responders and anti-abuse personnel indicates ICANN’s Temporary Specification for domain name WHOIS data has eliminated interventions that previously allowed investigators to stop new cybercrimes while still in the preparatory stages -- and has markedly impeded routine mitigations for many kinds of cybercrimes. The survey was submitted to ICANN on Oct. 18 by the Anti-Phishing Working Group and the Messaging, Malware and Mobile Anti-Abuse Working Group.

• Letter to ICANN on ICANN GDPR User Survey

  The M3AAWG letter to ICANN that accompanied the ICANN GDPR WHOIS User Survey compiled jointly by APWG and M3AAWG

• ICANN GDPR and WHOIS Users Survey

  A joint survey conducted by the Anti-Phishing Working Group (APWG) and M3AAWG looks at how cyber investigators use WHOIS data and how the European Union’s General Data Protection Regulation (GDPR) has affected their anti-abuse efforts. The letter from M3AAWG and survey are also available on the ICANN site at https://www.icann.org/en/system/files/correspondence/upton-to-marby-et-a...

• BEC List Recipients of the 2018 M3AAWG JD Falk Award

  The 2018 M3AAWG JD Falk Award was presented October 9 during the M3AAWG 44^th General Meeting in Brooklyn, NY, USA, to:

  Ronnie Tokazowski, BEC List Founder and Administrator,
  Reverse Engineer, Flashpoint, @iHeartMalware

  and the BEC List Members

  A partial listing of companies participating in the Business Email Compromise List as of October 2018:

• “Under the Radar” Industry Group Fighting BEC Phishing Receives 2018 M3AAWG JD Falk Award

  New York, October 9, 2018 – A private, sequestered email group that you probably have never heard of – but that has helped prevent millions of dollars in fraud and assisted in taking down thousands of Nigerian scheme email accounts – was honored today with the 2018 JD Falk Award from the Messaging, Malware and Mobile Anti-Abuse Working Group.

• A M3AAWG Introduction to Addressing Malicious Domain Registrations

  This document focuses on defining malicious domain names and provides a non-exhaustive list of possible actions that can be taken to address them.

• M3AAWG Recommendations: Methods for Sharing Dynamic IP Address Space Information with Others-Updated May 2018 (2008)

  Although M3AAWG recommends blocking outbound port 25 traffic as the best option for controlling the flow of unwanted email traffic from an ISP’s customer space, such blocks may not always be possible, either for the short or long term. This document offers some alternatives for these ISPs by describing methods they can use to share their dynamic space information with others and allow remote sites to reject inbound mail traffic from dynamic address space.

• Temporary Access Method for Non-Public Whois Data, and accompanying accreditation policy points

  Submitted jointly by the Anti-Phishing Working Group (APWG), M3aawg and First, this document describes a short-term method for authorized parties to access non-public WHOIS data via designated IP addresses.

• WHOIS Tiered Access and Accreditation Program

  M3AAWG submitted these short comments to ICANN stating that an expert group from the Anti-Abuse community should be created to facilitate the certification of qualified applicants from the security field.

• Taking on Calendar Spam, Scheduling Developers Organization CalConnect Collaborates with Messaging Anti-Abuse M3AAWG

  McKinleyville, CA and San Francisco, April 5, 2018 – Recognizing that calendar spam is a growing exploitation channel, CalConnect and the global anti-abuse association M3AAWG have joined forces to develop new methods to protect end-users from unsolicited and malicious event notices.  The new liaison between the scheduling developers’ organization and the Messaging, Malware and Mobile Anti-Abuse Working Group will accelerate industry efforts to develop techniques that block invites to fake events and other malicious notices on popular calendaring platforms.

• M3AAWG Compromised User ID Best Practices, Version 1.0.1

  Updated in March 2018, this document addresses problems associated with compromised user accounts. It discusses mitigation techniques and methods of identifying compromised accounts, including recommendations to ensure the long-term security of accounts to prevent “re-compromise.”

• M3AAWG Recommendations for Preserving Investments in New Generic Top-Level Domains (gTLDs)

  Over a thousand new generic Top-Level Domains (gTLDs) have been, or are in, the process of being created under ICANN’s new gTLD program.  This paper is written for current Registry operators and for companies interested in applying for new gTLDs, and outlines the risks and some relatively simple recommendations that can help correct these problems.

• Comments on The Competition, Consumer Trust and Consumer Choice Review Team–New Sections Draft Report of Recommendations

  M3AAWG provided input on the new sections added to the draft ICANN report.  The comments can also be found on the ICANN site at http://mm.icann.org/pipermail/comments-cct-recs-27nov17/attachments/20180107/9b99c6d2/M3AAWG-ICANN-CCT-NewSections-2018-01-0001.pdf

• German Law Enforcement Officials Receive 2017 M3AAWG J.D. Falk Award for Initiating Global Takedown of Avalanche Malware Platform

  Toronto, October 4, 2017 –  M3AAWG honored two German law enforcement officials today for their work in developing the global public/private collaboration that shutdown a massive malware offensive infecting computers in 189 countries and costing victims over $6 million in ransomware payments. Lower Saxony Chief Police Inspector Jörn Bisping and Senior Prosecutor Frank Lange received the 2017 M3AAWG J.D. Falk Award from the Messaging, Malware and Mobile Anti-Abuse Working group for spearheading worldwide efforts to dismantle the criminalized Avalanche platform.

• El valor de hacerse miembro. Hoja informativa.

  El valor de hacerse miembro. Hoja informativa. – M3AAWG Membership Value and Fact Sheet in Spanish

• Latin American and Caribbean Anti-Abuse Working Group to Collaborate with LACNIC and M3AAWG to Fight Online Threats

  San Francisco, May 4, 2017 – The Latin American and Caribbean Network Operators Group (LACNOG) has chartered a new working group to serve as a regional voice in the global anti-abuse community. The new LAC Anti-Abuse Working Group (LAC-AAWG) will convene experts from regional network operator communities and the global Messaging, Malware and Mobile Anti-Abuse Working Group to encourage industry dialogue, develop recommendations and advance best practices for safeguarding online activities.

• M3AAWG Membership Value and Fact Sheet
• M3AAWG Issues New Papers Explaining Password Security, Multifactor Authentication, Encryption Use and DDoS Safeguards; Announces 2017 Leadership and Committee Chairs

  San Francisco, April 4, 2017 – Addressing current threats such as DDoS attacks and Internet of Things security, the Messaging, Malware and Mobile Anti-Abuse Working Group has released five new best practices papers and created new special interest groups to develop cybersecurity approaches that will help protect end-users. The organization also announced its 2017 leadership and committee chairs who are responsible for supporting the group’s ongoing collaborative efforts and identifying new areas of online vulnerability.

• M3AAWG Initial Recommendations: Arming Businesses Against DDoS Attacks

  Distributed Denial of Service attacks continue to be a major concern. This guide helps businesses prepare for DDoS attacks and, as a side benefit, some of these same techniques can also help businesses that suddenly see a large increase in legitimate customer web traffic.

• André Leduc Receives M3AAWG 2016 JD Falk Award for Operation Safety-Net and CASL Work that Protects Online Users

  Paris, France Oct. 25, 2016 – The lead architect of both a comprehensive report that demystifies online threats for the general public and an important Canadian law that has appreciably reduced spam has received the M3AAWG 2016 JD Falk Award for his contributions to a safer online world.  André Leduc was recognized for spearheading the global Operation Safety-Net best practices report and for his role in developing the Canadian Anti-spam Legislation that requires marketers to obtain users' permission before sending commercial email.

• M3AAWG Best Current Practices For Building and Operating a Spamtrap, Ver. 1.2.0

  Updated in August 2016 as Version 1.2.0, this document is for spamtrap operators who generally use data generated from spamtraps for purposes such as research, evidence collection, infected machine mitigation or mail list leakage and list quality control.

• Using Generic Top Level Domain Registration Information (WHOIS Data) in Anti-Abuse Operations

  WHOIS information plays a key role in determining where to report instances of abuse involving domain names. This paper explains some of the important WHOIS elements used to fight spam, phishing, malware distribution and other threats.

• Global Cyber Alliance Joins Forces with M3AAWG to Drive Industry Adoption of Cybersecurity Solutions

  San Francisco, May 4, 2016 – Global Cyber Alliance – an organization founded by the New York County District Attorney's Office, the City of London Police and the Center for Internet Security – will be collaborating with M3AAWG to push the security community to more quickly adopt concrete, quantifiable practices that can reduce online threats.

• Internet Infrastructure Coalition (i2Coalition) Joins M3AAWG to Reduce Hosting Industry Abuse, Will Fight Spam, Malware and Other Cloud and Hosting Threats

  San Francisco, March 16, 2016 – The Internet Infrastructure Coalition, i2Coalition, has joined the Messaging, Malware and Mobile Anti-Abuse Working Group to continue work on developing best practices for hosting and cloud service companies and to share other information that will protect end-users. Members of the i2Coalition's new Internet Safety Working Group and its Abuse Reporting Discussion List will be participating in M3AAWG meetings and committee work as the two organizations collaborate on threats aimed at the Internet's infrastructure.

• M3AAWG Mobile Messaging Best Practices for Service Providers - Updated August 2015

  These industry best practices are intended to help mitigate the abuse of mobile messaging (i.e., SMS, MMS and RCS), including text messaging and connected services. The guidelines outlined here will assist service providers and vendors in maintaining practical levels of trust and security across an open, globally-interconnected messaging environment. Updated August 2015.

• Anti-Phishing Best Practices for ISPs and Mailbox Providers, Version 2.01, June 2015

  This document was jointly developed by the Anti-Phishing Working Group (APWG) and M3AAWG with technical and business practices to help ISPs and mailbox providers thwart phishing attacks and other malevolent network abuses.  It also includes practices to respond constructively when these attacks occur. Version 2.01 updates the anti-phishing best practices originally published in 2006.

• Operation Safety-Net: Best Practices to Address Online, Mobile, and Telephony Threats

  Written in plain language by M3AAWG and the London Action Plan (LAP), Operation Safety-Net outlines the current and emerging threats faced by consumers, businesses and governments with recommended best practices to address these threats. For a brief overview of the document, see the brochure explaining the global depth and breadth of these best practices in the Supporting Documents section from the For the Industry menu tab.

• M3AAWG Anti-Abuse Best Common Practices for Hosting and Cloud Service Providers

  System abuse drains time and revenue for hosting and cloud providers, who must maintain constant vigilance to make sure their systems are not compromised and ensure that their customers are vigilant. This document categorizes types of abuse, suggests appropriate responses and reviews practices for dealing with customers and complaints. It provides current best common practices in use with the hosting, DNS and domain registration provider communities.

• M3AAWG Best Common Practices for the Use of a Walled Garden, Version 2.0

  These updated best practices outline the criteria for exit, entry, remediation and subscriber education when using a walled garden to remediate virus and bot infections in subscriber devices.

• Comments on Implementation of CSRIC III Cybersecurity Best Practices

  M3AAWG submitted these comments with the new M3AAWG Bot Metrics Report in response to the U.S, Federal Communications Communications request for comments on the status of the implementation of CSRIC III best practices.

• Additional Responses from Dr. Paul Vixie to the U.S. Senate Hearing on "Taking Down Botnets: Public and Private Efforts to Disrupt and Dismantle Cybercriminal Networks"

  Dr. Vixie's August 4th written response to additional questions requested after the hearing on botnet takedowns is also available from the official U.S. Committee on the Judiciary Committee hearing website at
  www.judiciary.senate.gov/download/vixie-qfrs-71514 .

• Dr. Paul Vixie's Testimony at U.S. Senate Hearing on "Taking Down Botnets: Public and Private Efforts to Disrupt and Dismantle Cybercriminal Networks"

  The extended written statement by Dr. Paul Vixie, author of several IETF DNS standards and Farsight Security, Inc. CEO. He also, augments his testimony starting around 1 hour and 34 minutes in the official hearing video (http://bit.ly/BotnetTakedownHearing2014) from the U.S. Senate Committee on the Judiciary website at http://www.judiciary.senate.gov/meetings/taking-down-botnets_public-and-... . Dr. Vixie testified at the July 15, 2014 hearing at the request of M3AAWG.

• M3AAWG Tackles Emerging Security Issues with Industry Collaboration; Also Announces 2014 Leadership

  San Francisco, April 22, 2014 – Tackling security concerns with hosting and cloud storage, pervasive monitoring, identity management, and telephony, the Messaging, Malware and Mobile Anti-Abuse Working Group has announced the formation of four new collaborative special interest groups along with its organizational leadership for 2014.  The new SIGs provide a trusted venue for industry participation on critical issues while M³AAWG continues to support the ongoing work in its core security tracts.

• M3AAWG Feedback Reporting Recommendation

  Just as speaking a common language allows two people to communicate effectively, standards that define the format of abuse reports and the destination address for them increase the effectiveness of network owners in fighting abusive traffic.

• M3AAWG Response to Stakeholder Input on the Role of Governments, ITU-CWG on Internet-related Public Policy Issues

  Submitted to the U.S. State Department in January 2014, responding to its request for Stakeholder Input on the Role of Governments, International Telecommunication Union Council Working Group on Internetprelated Public Policy Issues.

• M3AAWG Comments on the WHOIS Misuse Study

  Submitted to ICANN in response to their misuse survey report.

• M3AAWG Comments on ICANN Misuse Report

  Submitted to ICANN in December 2013 in response to ICANN's misuse survey.

   

• M3AAWG Comments on ICANN EWG Initial Report

  Submitted to ICANN in August 2013 in response to ICANN's Expert Working Group report.

   

• Response to CWG-Internet Request for Online Consultation-Combatting Spam

  Submitted in July 2013 to the ITU Council Working Group on International Internet–Related Public Policy Issues (CWG–Internet) in response to a request for comments on effectively countering and combatting spam.

• M3AAWG Response to CWG-Internet Request for Online Consultation-Combatting Spam

  Submitted to the ITU Council Working Group on International Internet–Related Public Policy Issues (CWG–Internet) in July 2013
  In response to a request for comments on effectively countering and combatting spam.

• M3AAWG Comments on Thick Whois Initial Report

  Submitted to ICANN in July 2013
  Comments on this report can also be viewed on the ICANN site at http://forum.icann.org/lists/comments-thick-whois-initial-21jun13/

• M3AAWG response to NIST Request for Information: Framework for Reducing Cyber Risks to Critical infrastructure

  Submitted to the NIST in April 2013
  Response to two questions in the National Institute of Standards and Technology Request for Information is also posted at the NIST site with comments from other organization

  s.
   

• M3AAWG Announces 2013 Leadership for Fighting Malware and Mobile Abuse

  San Francisco, March 20, 2013 – Emphasizing the need for more cooperative cybersecurity efforts across platforms, the Messaging, Malware and Mobile Anti-Abuse Working Group will continue with a diverse leadership structure for 2013.  Alex Bobotek of AT&T and Chris Roosenraad of Time Warner Cable will continue as M³AAWG Co-Chairmen with Michael O’Reirdan of Comcast continuing as a Board member and M³AAWG Chairman Emeritus.

• Independent Georgia Tech Study Reveals Best Ways to Tell Customers “You’re Botted”

  San Francisco, Feb. 20, 2013 – A bot believed to have netted $14 million in illicit profits has been turned into a golden learning opportunity, yielding important insights into how the online community can best alert and assist customers with infected systems.

• M3AAWG Comments on CASL Draft Electronic Commerce Protection Regulations

  Submitted to Industry Canada in February 2013 - Letter submitted in response to request for comments on the draft Electronic Commerce Protection Regulations related to CASL.

   

• M3AAWG San Francisco Meeting Addresses Latest Messaging Security Ranging from Mobile Malware to DDoS Attacks

  San Francisco, Jan. 30, 2013 – With the variety of devices in use today and the pervasive connectivity available to users, malware could easily get the upper hand on many networks without corrective measures.  The Feb. 19-21 M³AAWG 27th General Meeting in San Francisco will focus on helping the industry develop the necessary strategies to protect end-users from the latest messaging abuses, whatever the abuse vector or device that is targeted. 

• New Online and Mobile Best Practices Clarify Business and Governmental Security Tactics

  Baltimore, Oct. 24, 2012 – A cooperative international report available today outlines Internet and mobile best practices aimed at curtailing malware, phishing, spyware, bots and other Internet threats, and provides a thorough review of current and emerging threats.

• M3AAWG Conduct Policy

  Conduct Policy Updated and Approved by the M3AAWG Board of Directors June 6, 2024. Original policy Approved by the M3AAWG Board of Directors 1-11-2019

  1. Overall Policy

• M3AAWG Comments on Preliminary Issue Report on Uniformity of Contracts to Address Registration Abuse

  Response to staff recommendations in the ICANN report.

• Comments on Preliminary Issue Report on Uniformity of Contracts to Address Registration Abuse

  Submitted to ICANN in September 2012
  View the preliminary report at http://gnso.icann.org/en/issues/registration-abuse/prelim-issue-report-u... or all submitted comments at http://forum.icann.org/lists/uoc-prelim-issue-report/ on the ICANN site.

   

• Comments on Abuse Contact Management in the RIPE Database

  Submitted to RIPE in August 2012
  Response to RIPE’s proposal to introduce a new contact attribute named "abuse-c

  :"
   

• Nominations Open at M3AAWG for New J.D. Falk Award Honoring Inventive Cyber Security Work

  San Francisco, July 18, 2012 – Seeking to throw a little light on those making the Internet a safer experience for all, the Messaging, Malware and Mobile Anti-Abuse Working Group is now accepting nominations for the first annual J.D. Falk Award, named after the dedicated industry advocate who was instrumental in the growth of M³AAWG and other technical organizations.  The award, developed in conjunction with his employer Return Path, Inc. and his family, celebrates J.D.

• M3AAWG Comments on ICANN WHOIS Policy Review Team Final Report

  Response to the final report from the ICANN WHOIS Policy Review Team

• M3AAWG Comments on WHOIS Policy Review Team Draft Report

  Response to the December 5, 2011 ICANN report from the WHOIS Review Team (WRT).

• MAAWG Evolves into M3 Tackling Messaging, Malware, Mobile; Breaking through “Silo” Thinking, Pushes Industry to Better Cooperation

  San Francisco, February 14, 2012 – The online industry generally acknowledges that viruses and malicious code are spread through spam, yet it seems that malware and messaging security professionals rarely collaborate on threats despite the commonality of their work. The Messaging Anti-Abuse Working Group is pushing the industry to move beyond this “silo” mentality to better protect end-users.

• MAAWG Comments on Protect IP and SOPA

  Submitted to U.S. Congress committees on the judiciary in December 2011
  MAAWG outlined technical issues with S.968, Preventing Real Online Threats to Economic Creativity and Theft of Intellectual Property Act, and H.R.3261, Stop Online Piracy Act, in a letter to the judiciary committees of the U.S. Senate and U.S. House of Representatives.

   

• MAAWG Comments on the Draft Final Report of the Internationalized Registration Data Working Group

  Submitted to ICANN in November 2011
  Responses to ICANN on issues in the draft report covering the intrnationalization of domains can be read on the draft report comment site at http://forum.icann.org/lists/ird-draft-final-report/

   

• MAAWG Comments on Models to Advance Voluntary Corporate Notification to Consumers Regarding the Illicit Use of Computer Equipment by Botnets and Related Malware

  Submitted to NIST in November 2011- Responding to a Request for Information from the U.S. Department of Commerce (DoC) and U.S. Department of Homeland Security (DHS), the comments are also available on the NIST site.

   

• MAAWG Hosts Joint European Meeting with LAP/EU CNSA; French Officials to Address Paris Summit on Spam and Malware

  San Francisco, Oct. 5, 2011 – A global summit of online security experts will convene in Paris at a joint MAAWG-LAP meeting featuring keynotes by important French government officials along with panels of international law enforcement agents, public policy advisors, technologists and academic researchers. Organized around the annual European meeting of the Messaging Anti-Abuse Working Group on Oct.

• MAAWG Comments on National Initiative for Cybersecurity Education (NICE) Draft Strategic Plan

  MAAWG submitted comments in September 2011
  The comments were submitted to the National Institute of Standards and Technologyon its draft NICE plan.

• MAAWG Comments on CRTC's Draft Electronic Commerce Protection Regulations

  A response from MAAWG to the Canadian commission were submitted in September 2011.
  Submitted comments on the regulations to the Canadian Radio-television and Telecommunications Commission (CRTC) draft regulations.

• MAAWG Comments to UK House of Commons Inquiry into Malware and Cyber-crime

  MAAWG submitted a response in September 2011 to the Science and Technology Committee, UK House of Commons
  The committee's inquiry covered a variety of questions related to malware and cyber-crime.

• Comments on "Cybersecurity, Innovation and the Internet Economy" issued June 2011

  MAAWG responded to the Department of Commerce (DOC) Internet Policy Task Force's seventy-seven page green paper on "Cybersecurity, Innovation and the Internet Economy."

• MAAWG Comments on ICANN’s Draft FY2012 Budget

  MAAWG members, and our members' customers, like all Internet users, rely daily on Internet names. MAAWG commented on the proposed budget from the perspective of encouraging ICANN to continue to offer a reliable, high performance, cost effective, scalable and trustworthy system of domain names.

• Comments on ICANN WHOIS Review Team

  MAAWG comments were submitted in April 2011 on the ICANN site in response to the ICANN Call for Public Comment
  Responding to the ICANN WHOIS Review Team, MAAWG submitted comments on the useablity, access, accuracy and reliability of WHOIS and on the improvement of WDPRS.

• First China-U.S. Effort to Fight Spam
  (Joint News Release issued with EastWest Institute)
• Incoming State Attorneys General Association President McKenna and FTC Consumer Protection Director Vladeck To Address Online Protection at MAAWG; Global Gathering Tackles Cybersecurity Policy, Technology, Mobile and Social Platforms

• Comments on UK BIS Consultation on Implementing the Revised EU Electronic Communications Framework

  MAAWG comments were submitted December 2010 in response to the BIS proposal.
  The UK Department for Business Innovation and Skills launched its proposals for implementing the revised EU Electronic Communications Framework. The BIS document set out their preferred approach to implementation and asked questions on a limited number of specific issues.

• MAAWG Response to U.S. Department of Commerce’s Internet Policy Task Force on the Global Free Flow of Information on the Internet

  MAAWG comments were submitted November 2010 in response to the DoC request.
  The U.S. Department of Commerce’s Internet Policy Task Force requested comments on government policies that restrict Internet information flow, seeking to understand why these restrictions have been instituted; what, if any, impact they have, and how to address negative impacts. The DoC will publish a report contributing to the Administration’s domestic policy and international engagement on these issues.

• MAAWG Comments on ICANN FY 11 Update to Plan for Enhancing Internet Security, Stability & Resiliency

  MAAWG comments were submitted November 2010 in response to ICANN’s Plan.
  ICANN requested comments on an update to its initial plan that will be implemented in the 2010-2011 operational year. The updated plan is intended as a baseline document for ICANN and its community for organizing its security, stability and resiliency efforts.

• MAAWG Develops First Industry Best Practices for Protecting Web Messaging Consumers; Also Issues Practices for Email Complaint Feedback Loops and Evaluating Anti-Abuse Products for Email Operators
  San Francisco, October 28, 2010 –The first industry best practices to help Web messaging and social networking operators protect users of their Web mail, direct messaging and SMS services from spam and other cyber attacks have been released by the Messaging Anti-Abuse Working Group (MAAWG). MAAWG also published two other new best practices papers clarifying conventional email processes for incorporating consumer complaint feedback loops and to assist ISPs in evaluating anti-abuse tools.

   
• MAAWG Comments on ICANN Study on the Prevalence of Domain Names Registered Using a Privacy or Proxy Registration Service

  MAAWG comments were submitted October 2010 based on the ICANN request.
  ICANN conducted an exploratory study in 2009 to assess an approximate percentage of domain names (through a statistical sampling plan) contained in the top 5 gTLD registries that used privacy or proxy registration services. The study indicated that at least 18% (and probably not much more than 20%) of the domain names contained in the top 5 gTLD registries used privacy or proxy registration services.

• MAAWG Letter Regarding Canadian Fighting Internet and Wireless Spam Act (FISA)

  The MAAWG letter supporting elements of FISA (see www2.parl.gc.ca/Sites/LOP/LEGISINFO/index.asp?Language=E&list=agenda) was submitted September 2010.
  MAAWG submitted a letter supporting the global sharing of abuse-fighting information between law enforcement that is included in Canadian Bill C-28 establishing the federal Fighting Internet and Wireless Spam Act (“FISA”).

• MAAWG Comments on Department of Commerce Cybersecurity, Innovation and the Internet Economy

  MAAWG comments were submitted to the Department of Commerce’s request in September 2010. The DoC site has all submitted comments.
  The Department of Commerce’s Internet Policy Task Force undertook a comprehensive review of the nexus between cybersecurity challenges in the commercial sector and innovation in the Internet economy. The Department was seeking comments on measures to improve cybersecurity while sustaining innovation.

• MAAWG Comments on National Broadband Plan Recommendation to Create a Cybersecurity Roadmap

  MAAWG comments were submitted in response to U.S. Federal Communications Commission recommendations in September 2010.
  The U.S. FCC’s Public Safety and Homeland Security Bureau (PSHSB) requested comment on the creation of a Cybersecurity Roadmap. The plan would identify vulnerabilities to communications networks or end-users and develop countermeasures and solutions in preparation for, and response to, cyber threats and attacks in coordination with federal partners.

• Facebook and Tata Communications Join MAAWG Board of Directors; Will Fight Spam and Online Abuse with Global Industry Organization

  San Francisco, Aug. 18, 2010 – Demonstrating their commitment to work with the international online industry to protect consumers, Facebook and Tata Communications, a leading global telecom service provider that is part of India’s Tata Group, have joined the Messaging Anti-Abuse Working Group at the organization’s highest membership level and will serve on the MAAWG Board of Directors.

• MAAWG Response to ICANN's Initial Report on Proposals for Improvements to the Registrar Accreditation Agreement (RAA)

  The MAAWG response was submitted July 2010 in response to ICANN’s initial report for RAA improvements.
  The ICANN report describes recommendations on the proposed form of a Registrant Rights and Responsibilities Charter, and describing the potential topics for additional amendments to the RAA. It also includes a proposal for next steps the GNSO Council should consider in determining whether to recommend the ICANN Board adopt a new form RAA.

• MAAWG Response to National Strategy for Trusted Identities in Cyberspace

  MAAWG offered comments on the U.S. Department of Homeland Security’s strategy in July 2010
  The U.S. Department of Homeland Security’s draft plan is focused on maintaining a secure cyberspace, which is critical to the health of the economy and national security. It outlines how the federal government might address the recent and alarming rise in online fraud, identity theft, and misuse of information online.

• MAAWG Overview of DNS Security - Port 53 Protection

  This paper briefly discusses how an DNS attack works, the impact of this threat, proposes a solution and discusses the advantages and disadvantages from a technical, business and regulatory standpoint

• MAAWG Hosts GSMA Security Group in Europe Industry Meeting Attacks Spam Across Platforms, Promotes International, Industry-wide Cooperation
  San Francisco, May 18, 2010 –The Messaging Anti-Abuse Working Group will host the GSMA Security Group at the MAAWG 19^th General Meeting in Barcelona on June 8-10 with a multi-track event focusing on all forms of spam delivery, including mobile, broadband, terrestrial and Web messaging. The meeting will also feature an insiders’ panel discussing the recent crackdown on the Mariposa botnet, sessions on mobile spam and abuse reporting technologies, and a look at critical technical and international public policy issues affecting abuse abatement.
• MAAWG Comments on ARIN Draft Policy 2010-3 “Customer Confidentiality”

  MAAWG submitted comments in March 2010. As recommended by MAAWG and others, ARIN changed course on this topic.
  The initial draft policy would have allowed ISPs to hide the true customer of a domain name. The revised Version 2 policy that was implemented recognized the need for the customer name to remain in the SWIP and RWHOIS information.

• Key Findings of the 2010 MAAWG Email Security Awareness and Usage Survey

  Summarizing the highlights of the consumer survey covering North America and Western Europe with the main graphs.

• Consumers Don’t Relate Bot Infections to Risky Behavior As Millions Continue to Click on Spam; MAAWG 2010 Email Security Consumer Survey Expands to North America and Western Europe
• Industry Experts Gather at MAAWG to “Protect the End User”; Messaging Anti-Abuse Working Group Advances Innovative Practices to Safeguard Consumers from Spam and Bots

  San Francisco, Jan. 28, 2010 – With the participation of some of the industry’s largest ISPs, email providers and Internet companies, the Messaging Anti-Abuse Working Group (MAAWG) is focusing on how to better protect the end user from spam, bots and other messaging exploitations during its February meeting in San Francisco.  The three-day, multi-track event will feature experts from Google, Mozilla, Microsoft, all the major anti-virus vendors, social networking sites, and anti-spam researchers, among others.

• MAAWG Comments, FCC’s In the Matter of Preserving the Open Internet, GN Docket No. 09-191, WC Docket No. 07-52, Notice of Proposed Rulemaking, FCC 09-93 (Rel. Oct. 22, 2009)

  MAAWG submitted these comments in January 2010 to the U.S. Federal Communications Commission on its open Internet proposal. The FCC requested public input on draft rules to preserve an open Internet. The FCC is seeking to preserve a platform based on a historically open architecture that has been accessible to anyone with a basic knowledge of its protocols.

• M3AAWG Common Best Practices for Mitigating Large Scale Bot Infections in Residential Networks

  Note:  This M3AAWG best practices paper has been replaced by RFC 6561 Remediation of Bots in ISP Networks, March 2012 from the IETF.

  Note:  This MAAWG best practices paper has been replaced by RFC 6561 Remediation of Bots in ISP Networks, March 2012 from the IETF.

• Abuse Desk Common Practices

  A summary of the most effective abuse desk best practices from MAAWG service providers

News, Updates, In the News

• National Network to End Domestic Violence (NNEDV) Expert to Provide Keynote Address on Intimate Partner Violence in the Digital Age and Strategies to Prevent Abuse at M3AAWG 56th Meeting

  CONTACT:

• Members Worldwide Gather at 55th General Meeting of the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) in London to Address Current and Emerging Issues in Messaging, Malware and Cybersecurity

  SAN FRANCISCO, Calif., May 27 – Members of the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) will gather June 13-16, 2022 in London as part of its global collaboration on messaging and online abuse.

• Messaging, Malware and Mobile Anti-Abuse Working Group Announces Updated Organizational Priorities, Focus Areas and Initiatives as Online Abuse Evolves

  SAN FRANCISCO, Calif., May 18 – Continuing its widely successful efforts to fight online abuse and enable a safer Internet experience since 2004, the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) today announced plans to focus its work around four key industry topics, including readiness, data and identity protection, communications and supply chain, as it continues the development of the organization.

• Messaging Malware Mobile Anti-Abuse Working Group Honors Troy Hunt of Have I Been Pwned with Mary Litynski Award

  SAN FRANCISCO, Calif., Feb. 22, 2022 – The Mary Litynski Award recognizing lifetime achievement for making the Internet safer has been awarded by the Messaging Malware Mobile Anti-Abuse Working Group (M3AAWG) Troy Hunt, founder of Have I Been Pwned.

• Messaging, Malware and Mobile Anti-abuse Working Group Members Gather to Address Email, Messaging and Online Security and Abuse Issues

  SAN FRANCISCO, Calif., Feb. 10 – The Messaging, Malware and Mobile Anti-abuse Working Group (M3AAWG) will host its 54th general meeting February 21-24, where members of the group will collaborate on messaging delivery and abuse; network and transport security; cybersecurity across devices; and relevant industry standards and policy issues.

• Coalition Against Stalkerware Named J.D. Falk Award Winner for Raising Awareness About and Helping Victims of Malicious Spying Apps

  

  Award Honors Falk, Antispam Pioneer and a M3AAWG Founding Member

• Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) October General Meeting to Address Online Attacks and Abuse, Privacy and Data Protection and the Role of AI in Abuse Prevention

  Keynote to Examine Threats, Including Spyware, That Threaten Digital Communications

• M3AAWG Gathers for Milestone 50th General Meeting to Continue Fighting Online Abuse

  The Messaging, Malware and Mobile Anti-Abuse Working Group, the largest global industry association working against botnets, malware, spam, viruses, DoS attacks, and other online exploitation, will meet virtually October 12-15; Election security tops agenda

• Should you deploy a TLS 1.3 middlebox?

  
  To inspect or not to inspect, that is the question.

  TLS 1.3 is by far the most secure version of the Transport Layer Security (TLS) protocol, but its use of ephemeral elliptic curve keys--and the deprecation of static RSA keys--means that TLS sessions now offer forward secrecy, a bane to enterprise security administrators who want to maintain visibility into their network traffic.

• MarTech Interview with Len Shneyder, VP of Industry Relations at Twilio SendGrid

  
  Domain-based Message Authentication, and Reporting, and Conformance is a policy that adds to SPF and DKIM and gives a receiving set of instructions on what they should do when an email they received fails other authentication checks.
  https://martechseries.com/mts-insights/interviews/len-shneyder-twilio-sendgrid/

• Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) Celebrates Jerry Upton’s 15 Years as Executive Director at the 48th General Meeting

  Amy Cadagin Announced as M3AAWG’s New Executive Director 

  SAN FRANCISCO, February 20, 2020 — The Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG), the largest global industry consortium developing collaborative approaches to combat online abuse, today announced that Jerry Upton will retire from his role as M3AAWG’s Executive Director after 15 years of service. He will be succeeded by Amy Cadagin. 

• Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) Celebrates Jerry Upton's 15 Years as Executive Director at the 48th General Meeting

  The Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG), the largest global industry consortium developing collaborative approaches to combat online abuse, today announced that Jerry Upton will retire from his role as M3AAWG's Executive Director after 15 years of service. He will be succeeded by Amy Cadagin.

• Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) Recognizes Cristine Hoepers of CERT.br with Mary Litynski Award

  Largest global industry association working against online exploitation presents Dr. Hoepers, general manager of Brazil’s Computer Emergency Response Team (CERT.br), with annual award for research and training to reduce Internet abuse

• M3AAWG General Meeting Brings Together More than 200 Companies to Fight Online Abuse

  Messaging, Malware and Mobile Anti-Abuse Working Group, the largest global industry association working against botnets, malware, spam, viruses, DoS attacks and other online exploitation, will meet in San Francisco February 17-20

• How to stop email spoofing of parked domains

  
  https://www.csoonline.com/article/3512239/how-to-stop-email-spoofing-of-parked-domains.html
  J.M. Porup includes M3AAWG recommendations on protecting parked domains in an article on the importance of publishing a DMARC record for every domain a business owns.

• Steven Harroun to the panel on “Cybersecurity Risks and Realities” at the Telecommunications Media Forum

  
  https://www.canada.ca/en/radio-television-telecommunications/news/2019/12/steven-harroun-to-the-panel-on-cybersecurity-risks-and-realities-at-the-telecommunications-media-forum.html
  In a transcribed speech, Steven Harroun, chief compliance and enforcement officer, Canadian Radio-television and Telecommunications Commission (CRTC), describes efforts to protect digital economies and societies. He notes the CRTC’s work with groups like M3AAWG, the Internet Corporation for Assigned Names and Numbers and more.

• Louisiana spurns attempted ransomware attack, governor says

  
  https://www.scmagazine.com/home/security-news/ransomware/louisiana-spurns-attempted-ransomware-attack-governor-says/
  Seth Blank, co-chair of M3AAWG’s Election Security Special Interest Group, comments on threats to election integrity for cities and states.

• 3 Cybersecurity Threats Facing Campaigns in 2020

  
  https://www.campaignsandelections.com/campaign-insider/3-cybersecurity-t...
  Seth Blank, co-chair of M3AAWG’s Election Security Special Interest Group, comments on threats to elections, including SIM jacking, domain spoofing and email hacking.

• JPAAWG 2nd General Meeting

  
  https://internet.watch.impress.co.jp/docs/interview/1217983.html
  The Japan Anti-Abuse Working Group (JPAAWG) cooperates with M3AAWG to examine and implement measures against a wide range of email and messaging attacks, such as spam, malware and DDoS.

• Messaging, Malware and Mobile Anti-Abuse Working Group (M³AAWG) 47th General Meeting to Address Emerging Threats in Online Exploitation

  SAN FRANCISCO, Oct. 10, 2019 /PRNewswire/ -- The Messaging, Malware and Mobile Anti-Abuse Working Group (M³AAWG), the largest global industry association developing cooperative approaches for fighting online abuse, next week will kick off its 47th General Meeting in Montreal.

• Twilio Joins Anti-Abuse Working Group

  
  https://www.technologybusinesstoday.com/news/article/twilio-joins-anti-abuse-working-group
  Twilio announced that it joined M3AAWG, the premier industry group dedicated to combating bots, malware, spam, viruses, denial-of-service attacks and other online exploitation.

• Technology, law, and the world to protect the Internet: Interview with the standards organization JPAAWG

  
  https://www.atmarkit.co.jp/ait/articles/1910/07/news010.html
  Japan Anti-Abuse Working Group (JPAAWG) launched in May 2019 and works with M3AAWG to focus on Internet security in Japan. ITmedia spoke with Mr. Shuji Sakuraba and Mr. Nobuhiro Suemasa of JPAAWG about the group’s work, including collaboration with M3AAWG.

• AI’s Place in Preventing Piracy

  
  https://www.cablefax.com/technology/rough-seas-ais-place-in-preventing-piracy
  Cable operators are working to prevent disruptions to their networks caused by the streaming of pirated content and DDoS attacks. The article calls out CableLabs’ work with M3AAWG on the DDoS Information Sharing Project.

• Is a DMARC policy really right for everyone?

  
  https://www.valimail.com/blog/dmarc-enforcement-for-everyone/
  Valimail makes the case for DMARC enforcement and notes that M3AAWG recommends enforcement as a deliverability best practice.

• Solving extreme email deliverability mysteries

  
  https://postmarkapp.com/podcast/solving-extreme-email-deliverability-mysteries
  Anna Ward, Postmark’s head of deliverability, discusses her path to becoming an email deliverability expert and the impact of being a part of the M3AAWG community on her work.

• Dave Piscitello Receives M3AAWG Mary Litynski Award for a Lifetime of Fighting DNS and Online Abuse

  San Francisco, February 19, 2019 – As a young security consultant, Dave Piscitello wondered, “how do these guys get away with all this spam and malware?” which led him to take on the challenging work of persuading the online ecosystem to address DNS abuse and related issues through his years at ICANN and in his involvement with other industry associations.

• First Japan Anti-Abuse Working Group General Meeting Shares M3AAWG Work with Emphasis on Regional Issues

  San Francisco, Nov. 1, 2018 – Strengthening Asian efforts to protect the internet and online users, the First General Meeting of the Japan Anti-Abuse Working Group will be held Nov. 8 in Tokyo with security and operational professionals from messaging service providers, cloud hosting services, ISPs and other infrastructure organizations.

• ICANN GDPR WHOIS Policy Eliminates Pre-Emptive Protection of Internet Infrastructure Abuse; Obstructs Routine Forensics to Cybercriminals’ Advantage

  Cambridge, Mass. and San Francisco, Oct. 24, 2018 – A joint APWG-M3AAWG survey of cybercrime responders and anti-abuse personnel indicates ICANN’s Temporary Specification for domain name WHOIS data has eliminated interventions that previously allowed investigators to stop new cybercrimes while still in the preparatory stages -- and has markedly impeded routine mitigations for many kinds of cybercrimes. The survey was submitted to ICANN on Oct. 18 by the Anti-Phishing Working Group and the Messaging, Malware and Mobile Anti-Abuse Working Group.

• BEC List Recipients of the 2018 M3AAWG JD Falk Award

  The 2018 M3AAWG JD Falk Award was presented October 9 during the M3AAWG 44^th General Meeting in Brooklyn, NY, USA, to:

  Ronnie Tokazowski, BEC List Founder and Administrator,
  Reverse Engineer, Flashpoint, @iHeartMalware

  and the BEC List Members

  A partial listing of companies participating in the Business Email Compromise List as of October 2018:

• “Under the Radar” Industry Group Fighting BEC Phishing Receives 2018 M3AAWG JD Falk Award

  New York, October 9, 2018 – A private, sequestered email group that you probably have never heard of – but that has helped prevent millions of dollars in fraud and assisted in taking down thousands of Nigerian scheme email accounts – was honored today with the 2018 JD Falk Award from the Messaging, Malware and Mobile Anti-Abuse Working Group.

• Taking on Calendar Spam, Scheduling Developers Organization CalConnect Collaborates with Messaging Anti-Abuse M3AAWG

  McKinleyville, CA and San Francisco, April 5, 2018 – Recognizing that calendar spam is a growing exploitation channel, CalConnect and the global anti-abuse association M3AAWG have joined forces to develop new methods to protect end-users from unsolicited and malicious event notices.  The new liaison between the scheduling developers’ organization and the Messaging, Malware and Mobile Anti-Abuse Working Group will accelerate industry efforts to develop techniques that block invites to fake events and other malicious notices on popular calendaring platforms.

• German Law Enforcement Officials Receive 2017 M3AAWG J.D. Falk Award for Initiating Global Takedown of Avalanche Malware Platform

  Toronto, October 4, 2017 –  M3AAWG honored two German law enforcement officials today for their work in developing the global public/private collaboration that shutdown a massive malware offensive infecting computers in 189 countries and costing victims over $6 million in ransomware payments. Lower Saxony Chief Police Inspector Jörn Bisping and Senior Prosecutor Frank Lange received the 2017 M3AAWG J.D. Falk Award from the Messaging, Malware and Mobile Anti-Abuse Working group for spearheading worldwide efforts to dismantle the criminalized Avalanche platform.

• Latin American and Caribbean Anti-Abuse Working Group to Collaborate with LACNIC and M3AAWG to Fight Online Threats

  San Francisco, May 4, 2017 – The Latin American and Caribbean Network Operators Group (LACNOG) has chartered a new working group to serve as a regional voice in the global anti-abuse community. The new LAC Anti-Abuse Working Group (LAC-AAWG) will convene experts from regional network operator communities and the global Messaging, Malware and Mobile Anti-Abuse Working Group to encourage industry dialogue, develop recommendations and advance best practices for safeguarding online activities.

• M3AAWG Issues New Papers Explaining Password Security, Multifactor Authentication, Encryption Use and DDoS Safeguards; Announces 2017 Leadership and Committee Chairs

  San Francisco, April 4, 2017 – Addressing current threats such as DDoS attacks and Internet of Things security, the Messaging, Malware and Mobile Anti-Abuse Working Group has released five new best practices papers and created new special interest groups to develop cybersecurity approaches that will help protect end-users. The organization also announced its 2017 leadership and committee chairs who are responsible for supporting the group’s ongoing collaborative efforts and identifying new areas of online vulnerability.

• André Leduc Receives M3AAWG 2016 JD Falk Award for Operation Safety-Net and CASL Work that Protects Online Users

  Paris, France Oct. 25, 2016 – The lead architect of both a comprehensive report that demystifies online threats for the general public and an important Canadian law that has appreciably reduced spam has received the M3AAWG 2016 JD Falk Award for his contributions to a safer online world.  André Leduc was recognized for spearheading the global Operation Safety-Net best practices report and for his role in developing the Canadian Anti-spam Legislation that requires marketers to obtain users' permission before sending commercial email.

• Global Cyber Alliance Joins Forces with M3AAWG to Drive Industry Adoption of Cybersecurity Solutions

  San Francisco, May 4, 2016 – Global Cyber Alliance – an organization founded by the New York County District Attorney's Office, the City of London Police and the Center for Internet Security – will be collaborating with M3AAWG to push the security community to more quickly adopt concrete, quantifiable practices that can reduce online threats.

• Internet Infrastructure Coalition (i2Coalition) Joins M3AAWG to Reduce Hosting Industry Abuse, Will Fight Spam, Malware and Other Cloud and Hosting Threats

  San Francisco, March 16, 2016 – The Internet Infrastructure Coalition, i2Coalition, has joined the Messaging, Malware and Mobile Anti-Abuse Working Group to continue work on developing best practices for hosting and cloud service companies and to share other information that will protect end-users. Members of the i2Coalition's new Internet Safety Working Group and its Abuse Reporting Discussion List will be participating in M3AAWG meetings and committee work as the two organizations collaborate on threats aimed at the Internet's infrastructure.

• M3AAWG Tackles Emerging Security Issues with Industry Collaboration; Also Announces 2014 Leadership

  San Francisco, April 22, 2014 – Tackling security concerns with hosting and cloud storage, pervasive monitoring, identity management, and telephony, the Messaging, Malware and Mobile Anti-Abuse Working Group has announced the formation of four new collaborative special interest groups along with its organizational leadership for 2014.  The new SIGs provide a trusted venue for industry participation on critical issues while M³AAWG continues to support the ongoing work in its core security tracts.

• M3AAWG Announces 2013 Leadership for Fighting Malware and Mobile Abuse

  San Francisco, March 20, 2013 – Emphasizing the need for more cooperative cybersecurity efforts across platforms, the Messaging, Malware and Mobile Anti-Abuse Working Group will continue with a diverse leadership structure for 2013.  Alex Bobotek of AT&T and Chris Roosenraad of Time Warner Cable will continue as M³AAWG Co-Chairmen with Michael O’Reirdan of Comcast continuing as a Board member and M³AAWG Chairman Emeritus.

• Independent Georgia Tech Study Reveals Best Ways to Tell Customers “You’re Botted”

  San Francisco, Feb. 20, 2013 – A bot believed to have netted $14 million in illicit profits has been turned into a golden learning opportunity, yielding important insights into how the online community can best alert and assist customers with infected systems.

• M3AAWG San Francisco Meeting Addresses Latest Messaging Security Ranging from Mobile Malware to DDoS Attacks

  San Francisco, Jan. 30, 2013 – With the variety of devices in use today and the pervasive connectivity available to users, malware could easily get the upper hand on many networks without corrective measures.  The Feb. 19-21 M³AAWG 27th General Meeting in San Francisco will focus on helping the industry develop the necessary strategies to protect end-users from the latest messaging abuses, whatever the abuse vector or device that is targeted. 

• New Online and Mobile Best Practices Clarify Business and Governmental Security Tactics

  Baltimore, Oct. 24, 2012 – A cooperative international report available today outlines Internet and mobile best practices aimed at curtailing malware, phishing, spyware, bots and other Internet threats, and provides a thorough review of current and emerging threats.

• Nominations Open at M3AAWG for New J.D. Falk Award Honoring Inventive Cyber Security Work

  San Francisco, July 18, 2012 – Seeking to throw a little light on those making the Internet a safer experience for all, the Messaging, Malware and Mobile Anti-Abuse Working Group is now accepting nominations for the first annual J.D. Falk Award, named after the dedicated industry advocate who was instrumental in the growth of M³AAWG and other technical organizations.  The award, developed in conjunction with his employer Return Path, Inc. and his family, celebrates J.D.

• MAAWG Evolves into M3 Tackling Messaging, Malware, Mobile; Breaking through “Silo” Thinking, Pushes Industry to Better Cooperation

  San Francisco, February 14, 2012 – The online industry generally acknowledges that viruses and malicious code are spread through spam, yet it seems that malware and messaging security professionals rarely collaborate on threats despite the commonality of their work. The Messaging Anti-Abuse Working Group is pushing the industry to move beyond this “silo” mentality to better protect end-users.

• MAAWG Hosts Joint European Meeting with LAP/EU CNSA; French Officials to Address Paris Summit on Spam and Malware

  San Francisco, Oct. 5, 2011 – A global summit of online security experts will convene in Paris at a joint MAAWG-LAP meeting featuring keynotes by important French government officials along with panels of international law enforcement agents, public policy advisors, technologists and academic researchers. Organized around the annual European meeting of the Messaging Anti-Abuse Working Group on Oct.

• First China-U.S. Effort to Fight Spam
  (Joint News Release issued with EastWest Institute)
• Incoming State Attorneys General Association President McKenna and FTC Consumer Protection Director Vladeck To Address Online Protection at MAAWG; Global Gathering Tackles Cybersecurity Policy, Technology, Mobile and Social Platforms

• MAAWG Develops First Industry Best Practices for Protecting Web Messaging Consumers; Also Issues Practices for Email Complaint Feedback Loops and Evaluating Anti-Abuse Products for Email Operators
  San Francisco, October 28, 2010 –The first industry best practices to help Web messaging and social networking operators protect users of their Web mail, direct messaging and SMS services from spam and other cyber attacks have been released by the Messaging Anti-Abuse Working Group (MAAWG). MAAWG also published two other new best practices papers clarifying conventional email processes for incorporating consumer complaint feedback loops and to assist ISPs in evaluating anti-abuse tools.

   
• Facebook and Tata Communications Join MAAWG Board of Directors; Will Fight Spam and Online Abuse with Global Industry Organization

  San Francisco, Aug. 18, 2010 – Demonstrating their commitment to work with the international online industry to protect consumers, Facebook and Tata Communications, a leading global telecom service provider that is part of India’s Tata Group, have joined the Messaging Anti-Abuse Working Group at the organization’s highest membership level and will serve on the MAAWG Board of Directors.

• MAAWG Hosts GSMA Security Group in Europe Industry Meeting Attacks Spam Across Platforms, Promotes International, Industry-wide Cooperation
  San Francisco, May 18, 2010 –The Messaging Anti-Abuse Working Group will host the GSMA Security Group at the MAAWG 19^th General Meeting in Barcelona on June 8-10 with a multi-track event focusing on all forms of spam delivery, including mobile, broadband, terrestrial and Web messaging. The meeting will also feature an insiders’ panel discussing the recent crackdown on the Mariposa botnet, sessions on mobile spam and abuse reporting technologies, and a look at critical technical and international public policy issues affecting abuse abatement.
• Consumers Don’t Relate Bot Infections to Risky Behavior As Millions Continue to Click on Spam; MAAWG 2010 Email Security Consumer Survey Expands to North America and Western Europe
• Industry Experts Gather at MAAWG to “Protect the End User”; Messaging Anti-Abuse Working Group Advances Innovative Practices to Safeguard Consumers from Spam and Bots

  San Francisco, Jan. 28, 2010 – With the participation of some of the industry’s largest ISPs, email providers and Internet companies, the Messaging Anti-Abuse Working Group (MAAWG) is focusing on how to better protect the end user from spam, bots and other messaging exploitations during its February meeting in San Francisco.  The three-day, multi-track event will feature experts from Google, Mozilla, Microsoft, all the major anti-virus vendors, social networking sites, and anti-spam researchers, among others.

Mobile

• National Network to End Domestic Violence (NNEDV) Expert to Provide Keynote Address on Intimate Partner Violence in the Digital Age and Strategies to Prevent Abuse at M3AAWG 56th Meeting

  CONTACT:

• Members Worldwide Gather at 55th General Meeting of the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) in London to Address Current and Emerging Issues in Messaging, Malware and Cybersecurity

  SAN FRANCISCO, Calif., May 27 – Members of the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) will gather June 13-16, 2022 in London as part of its global collaboration on messaging and online abuse.

• Messaging, Malware and Mobile Anti-Abuse Working Group Announces Updated Organizational Priorities, Focus Areas and Initiatives as Online Abuse Evolves

  SAN FRANCISCO, Calif., May 18 – Continuing its widely successful efforts to fight online abuse and enable a safer Internet experience since 2004, the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) today announced plans to focus its work around four key industry topics, including readiness, data and identity protection, communications and supply chain, as it continues the development of the organization.

• Messaging, Malware and Mobile Anti-abuse Working Group Members Gather to Address Email, Messaging and Online Security and Abuse Issues

  SAN FRANCISCO, Calif., Feb. 10 – The Messaging, Malware and Mobile Anti-abuse Working Group (M3AAWG) will host its 54th general meeting February 21-24, where members of the group will collaborate on messaging delivery and abuse; network and transport security; cybersecurity across devices; and relevant industry standards and policy issues.

• Response to letter dated 30 September 2021
• Coalition Against Stalkerware Named J.D. Falk Award Winner for Raising Awareness About and Helping Victims of Malicious Spying Apps

  

  Award Honors Falk, Antispam Pioneer and a M3AAWG Founding Member

• Recommendations pertaining to findings from the M3AAWG and APWG WHOIS Survey Report presented to ICANN in June, 2021

  As a followup to the June 2021 survey report of cyber investigators and anti-abuse service providers on the ongoing impacts of ICANN’s implementation of the EU GDPR, the Temporary Specification for gTLD Registration Data (Temporary Specification, adopted in May 2018), M3AAWG and the Anti-Phishing Working Group (APWG) has released their recommendations for ICANN'S consideration.

• Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) October General Meeting to Address Online Attacks and Abuse, Privacy and Data Protection and the Role of AI in Abuse Prevention

  Keynote to Examine Threats, Including Spyware, That Threaten Digital Communications

• Exploring the Impact of Nonhuman Interactions on Email Send Metrics

  Received email may not be handled only by a human. It may be partially or even fully handled by a software program. The purpose of this document is to offer guidance to marketing and sales staff about the way that nonhuman interactions (NHI, also known as “automated clicks”) affect the performance metrics of their email messages and reporting systems. This document is not intended to solve issues, but rather to provide insights into the effects of NHI and offer some best practices for senders.

• M3AAWG Gathers for Milestone 50th General Meeting to Continue Fighting Online Abuse

  The Messaging, Malware and Mobile Anti-Abuse Working Group, the largest global industry association working against botnets, malware, spam, viruses, DoS attacks, and other online exploitation, will meet virtually October 12-15; Election security tops agenda

• M3AAWG GENERAL MEETING INFORMATION FOR NEW ATTENDEES

   

   

  M3AAWG BOD Co-Chair's Video 

• Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) Celebrates Jerry Upton’s 15 Years as Executive Director at the 48th General Meeting

  Amy Cadagin Announced as M3AAWG’s New Executive Director 

  SAN FRANCISCO, February 20, 2020 — The Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG), the largest global industry consortium developing collaborative approaches to combat online abuse, today announced that Jerry Upton will retire from his role as M3AAWG’s Executive Director after 15 years of service. He will be succeeded by Amy Cadagin. 

• Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) Celebrates Jerry Upton's 15 Years as Executive Director at the 48th General Meeting

  The Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG), the largest global industry consortium developing collaborative approaches to combat online abuse, today announced that Jerry Upton will retire from his role as M3AAWG's Executive Director after 15 years of service. He will be succeeded by Amy Cadagin.

• Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) Recognizes Cristine Hoepers of CERT.br with Mary Litynski Award

  Largest global industry association working against online exploitation presents Dr. Hoepers, general manager of Brazil’s Computer Emergency Response Team (CERT.br), with annual award for research and training to reduce Internet abuse

• How to stop email spoofing of parked domains

  
  https://www.csoonline.com/article/3512239/how-to-stop-email-spoofing-of-parked-domains.html
  J.M. Porup includes M3AAWG recommendations on protecting parked domains in an article on the importance of publishing a DMARC record for every domain a business owns.

• Steven Harroun to the panel on “Cybersecurity Risks and Realities” at the Telecommunications Media Forum

  
  https://www.canada.ca/en/radio-television-telecommunications/news/2019/12/steven-harroun-to-the-panel-on-cybersecurity-risks-and-realities-at-the-telecommunications-media-forum.html
  In a transcribed speech, Steven Harroun, chief compliance and enforcement officer, Canadian Radio-television and Telecommunications Commission (CRTC), describes efforts to protect digital economies and societies. He notes the CRTC’s work with groups like M3AAWG, the Internet Corporation for Assigned Names and Numbers and more.

• Louisiana spurns attempted ransomware attack, governor says

  
  https://www.scmagazine.com/home/security-news/ransomware/louisiana-spurns-attempted-ransomware-attack-governor-says/
  Seth Blank, co-chair of M3AAWG’s Election Security Special Interest Group, comments on threats to election integrity for cities and states.

• 3 Cybersecurity Threats Facing Campaigns in 2020

  
  https://www.campaignsandelections.com/campaign-insider/3-cybersecurity-t...
  Seth Blank, co-chair of M3AAWG’s Election Security Special Interest Group, comments on threats to elections, including SIM jacking, domain spoofing and email hacking.

• JPAAWG 2nd General Meeting

  
  https://internet.watch.impress.co.jp/docs/interview/1217983.html
  The Japan Anti-Abuse Working Group (JPAAWG) cooperates with M3AAWG to examine and implement measures against a wide range of email and messaging attacks, such as spam, malware and DDoS.

• M3AAWG Sending Domains Best Common Practices

  When preparing for bulk or transactional email sending, two items require special attention: outbound IP addresses, and the domain names to be used for these communications. For the latter, ESPs (Email Service Providers) go through this set-up process frequently and have to review the same readiness checklist each time. This process may involve individual client preferences and constraints, both legal and technical.

• Twilio Joins Anti-Abuse Working Group

  
  https://www.technologybusinesstoday.com/news/article/twilio-joins-anti-abuse-working-group
  Twilio announced that it joined M3AAWG, the premier industry group dedicated to combating bots, malware, spam, viruses, denial-of-service attacks and other online exploitation.

• Technology, law, and the world to protect the Internet: Interview with the standards organization JPAAWG

  
  https://www.atmarkit.co.jp/ait/articles/1910/07/news010.html
  Japan Anti-Abuse Working Group (JPAAWG) launched in May 2019 and works with M3AAWG to focus on Internet security in Japan. ITmedia spoke with Mr. Shuji Sakuraba and Mr. Nobuhiro Suemasa of JPAAWG about the group’s work, including collaboration with M3AAWG.

• AI’s Place in Preventing Piracy

  
  https://www.cablefax.com/technology/rough-seas-ais-place-in-preventing-piracy
  Cable operators are working to prevent disruptions to their networks caused by the streaming of pirated content and DDoS attacks. The article calls out CableLabs’ work with M3AAWG on the DDoS Information Sharing Project.

• Is a DMARC policy really right for everyone?

  
  https://www.valimail.com/blog/dmarc-enforcement-for-everyone/
  Valimail makes the case for DMARC enforcement and notes that M3AAWG recommends enforcement as a deliverability best practice.

• Solving extreme email deliverability mysteries

  
  https://postmarkapp.com/podcast/solving-extreme-email-deliverability-mysteries
  Anna Ward, Postmark’s head of deliverability, discusses her path to becoming an email deliverability expert and the impact of being a part of the M3AAWG community on her work.

• First Japan Anti-Abuse Working Group General Meeting Shares M3AAWG Work with Emphasis on Regional Issues

  San Francisco, Nov. 1, 2018 – Strengthening Asian efforts to protect the internet and online users, the First General Meeting of the Japan Anti-Abuse Working Group will be held Nov. 8 in Tokyo with security and operational professionals from messaging service providers, cloud hosting services, ISPs and other infrastructure organizations.

• Taking on Calendar Spam, Scheduling Developers Organization CalConnect Collaborates with Messaging Anti-Abuse M3AAWG

  McKinleyville, CA and San Francisco, April 5, 2018 – Recognizing that calendar spam is a growing exploitation channel, CalConnect and the global anti-abuse association M3AAWG have joined forces to develop new methods to protect end-users from unsolicited and malicious event notices.  The new liaison between the scheduling developers’ organization and the Messaging, Malware and Mobile Anti-Abuse Working Group will accelerate industry efforts to develop techniques that block invites to fake events and other malicious notices on popular calendaring platforms.

• El valor de hacerse miembro. Hoja informativa.

  El valor de hacerse miembro. Hoja informativa. – M3AAWG Membership Value and Fact Sheet in Spanish

• M3AAWG Membership Value and Fact Sheet
• M3AAWG Issues New Papers Explaining Password Security, Multifactor Authentication, Encryption Use and DDoS Safeguards; Announces 2017 Leadership and Committee Chairs

  San Francisco, April 4, 2017 – Addressing current threats such as DDoS attacks and Internet of Things security, the Messaging, Malware and Mobile Anti-Abuse Working Group has released five new best practices papers and created new special interest groups to develop cybersecurity approaches that will help protect end-users. The organization also announced its 2017 leadership and committee chairs who are responsible for supporting the group’s ongoing collaborative efforts and identifying new areas of online vulnerability.

• André Leduc Receives M3AAWG 2016 JD Falk Award for Operation Safety-Net and CASL Work that Protects Online Users

  Paris, France Oct. 25, 2016 – The lead architect of both a comprehensive report that demystifies online threats for the general public and an important Canadian law that has appreciably reduced spam has received the M3AAWG 2016 JD Falk Award for his contributions to a safer online world.  André Leduc was recognized for spearheading the global Operation Safety-Net best practices report and for his role in developing the Canadian Anti-spam Legislation that requires marketers to obtain users' permission before sending commercial email.

• Global Cyber Alliance Joins Forces with M3AAWG to Drive Industry Adoption of Cybersecurity Solutions

  San Francisco, May 4, 2016 – Global Cyber Alliance – an organization founded by the New York County District Attorney's Office, the City of London Police and the Center for Internet Security – will be collaborating with M3AAWG to push the security community to more quickly adopt concrete, quantifiable practices that can reduce online threats.

• M3AAWG Mobile Messaging Best Practices for Service Providers - Updated August 2015

  These industry best practices are intended to help mitigate the abuse of mobile messaging (i.e., SMS, MMS and RCS), including text messaging and connected services. The guidelines outlined here will assist service providers and vendors in maintaining practical levels of trust and security across an open, globally-interconnected messaging environment. Updated August 2015.

• Operation Safety-Net: Best Practices to Address Online, Mobile, and Telephony Threats

  Written in plain language by M3AAWG and the London Action Plan (LAP), Operation Safety-Net outlines the current and emerging threats faced by consumers, businesses and governments with recommended best practices to address these threats. For a brief overview of the document, see the brochure explaining the global depth and breadth of these best practices in the Supporting Documents section from the For the Industry menu tab.

• M3AAWG Tackles Emerging Security Issues with Industry Collaboration; Also Announces 2014 Leadership

  San Francisco, April 22, 2014 – Tackling security concerns with hosting and cloud storage, pervasive monitoring, identity management, and telephony, the Messaging, Malware and Mobile Anti-Abuse Working Group has announced the formation of four new collaborative special interest groups along with its organizational leadership for 2014.  The new SIGs provide a trusted venue for industry participation on critical issues while M³AAWG continues to support the ongoing work in its core security tracts.

• M3AAWG Response to Stakeholder Input on the Role of Governments, ITU-CWG on Internet-related Public Policy Issues

  Submitted to the U.S. State Department in January 2014, responding to its request for Stakeholder Input on the Role of Governments, International Telecommunication Union Council Working Group on Internetprelated Public Policy Issues.

• M3AAWG Comments on the WHOIS Misuse Study

  Submitted to ICANN in response to their misuse survey report.

• M3AAWG Comments on ICANN EWG Initial Report

  Submitted to ICANN in August 2013 in response to ICANN's Expert Working Group report.

   

• Response to CWG-Internet Request for Online Consultation-Combatting Spam

  Submitted in July 2013 to the ITU Council Working Group on International Internet–Related Public Policy Issues (CWG–Internet) in response to a request for comments on effectively countering and combatting spam.

• M3AAWG response to NIST Request for Information: Framework for Reducing Cyber Risks to Critical infrastructure

  Submitted to the NIST in April 2013
  Response to two questions in the National Institute of Standards and Technology Request for Information is also posted at the NIST site with comments from other organization

  s.
   

• M3AAWG Announces 2013 Leadership for Fighting Malware and Mobile Abuse

  San Francisco, March 20, 2013 – Emphasizing the need for more cooperative cybersecurity efforts across platforms, the Messaging, Malware and Mobile Anti-Abuse Working Group will continue with a diverse leadership structure for 2013.  Alex Bobotek of AT&T and Chris Roosenraad of Time Warner Cable will continue as M³AAWG Co-Chairmen with Michael O’Reirdan of Comcast continuing as a Board member and M³AAWG Chairman Emeritus.

• M3AAWG Comments on CASL Draft Electronic Commerce Protection Regulations

  Submitted to Industry Canada in February 2013 - Letter submitted in response to request for comments on the draft Electronic Commerce Protection Regulations related to CASL.

   

• M3AAWG San Francisco Meeting Addresses Latest Messaging Security Ranging from Mobile Malware to DDoS Attacks

  San Francisco, Jan. 30, 2013 – With the variety of devices in use today and the pervasive connectivity available to users, malware could easily get the upper hand on many networks without corrective measures.  The Feb. 19-21 M³AAWG 27th General Meeting in San Francisco will focus on helping the industry develop the necessary strategies to protect end-users from the latest messaging abuses, whatever the abuse vector or device that is targeted. 

• New Online and Mobile Best Practices Clarify Business and Governmental Security Tactics

  Baltimore, Oct. 24, 2012 – A cooperative international report available today outlines Internet and mobile best practices aimed at curtailing malware, phishing, spyware, bots and other Internet threats, and provides a thorough review of current and emerging threats.

• M3AAWG Conduct Policy

  Conduct Policy Updated and Approved by the M3AAWG Board of Directors June 6, 2024. Original policy Approved by the M3AAWG Board of Directors 1-11-2019

  1. Overall Policy

• M3AAWG Comments on Preliminary Issue Report on Uniformity of Contracts to Address Registration Abuse

  Response to staff recommendations in the ICANN report.

• Comments on Abuse Contact Management in the RIPE Database

  Submitted to RIPE in August 2012
  Response to RIPE’s proposal to introduce a new contact attribute named "abuse-c

  :"
   

• Nominations Open at M3AAWG for New J.D. Falk Award Honoring Inventive Cyber Security Work

  San Francisco, July 18, 2012 – Seeking to throw a little light on those making the Internet a safer experience for all, the Messaging, Malware and Mobile Anti-Abuse Working Group is now accepting nominations for the first annual J.D. Falk Award, named after the dedicated industry advocate who was instrumental in the growth of M³AAWG and other technical organizations.  The award, developed in conjunction with his employer Return Path, Inc. and his family, celebrates J.D.

• M3AAWG Comments on ICANN WHOIS Policy Review Team Final Report

  Response to the final report from the ICANN WHOIS Policy Review Team

• M3AAWG Comments on WHOIS Policy Review Team Draft Report

  Response to the December 5, 2011 ICANN report from the WHOIS Review Team (WRT).

• MAAWG Evolves into M3 Tackling Messaging, Malware, Mobile; Breaking through “Silo” Thinking, Pushes Industry to Better Cooperation

  San Francisco, February 14, 2012 – The online industry generally acknowledges that viruses and malicious code are spread through spam, yet it seems that malware and messaging security professionals rarely collaborate on threats despite the commonality of their work. The Messaging Anti-Abuse Working Group is pushing the industry to move beyond this “silo” mentality to better protect end-users.

• MAAWG Comments on Protect IP and SOPA

  Submitted to U.S. Congress committees on the judiciary in December 2011
  MAAWG outlined technical issues with S.968, Preventing Real Online Threats to Economic Creativity and Theft of Intellectual Property Act, and H.R.3261, Stop Online Piracy Act, in a letter to the judiciary committees of the U.S. Senate and U.S. House of Representatives.

   

• MAAWG Comments on the Draft Final Report of the Internationalized Registration Data Working Group

  Submitted to ICANN in November 2011
  Responses to ICANN on issues in the draft report covering the intrnationalization of domains can be read on the draft report comment site at http://forum.icann.org/lists/ird-draft-final-report/

   

• MAAWG Comments on Models to Advance Voluntary Corporate Notification to Consumers Regarding the Illicit Use of Computer Equipment by Botnets and Related Malware

  Submitted to NIST in November 2011- Responding to a Request for Information from the U.S. Department of Commerce (DoC) and U.S. Department of Homeland Security (DHS), the comments are also available on the NIST site.

   

• MAAWG Hosts Joint European Meeting with LAP/EU CNSA; French Officials to Address Paris Summit on Spam and Malware

  San Francisco, Oct. 5, 2011 – A global summit of online security experts will convene in Paris at a joint MAAWG-LAP meeting featuring keynotes by important French government officials along with panels of international law enforcement agents, public policy advisors, technologists and academic researchers. Organized around the annual European meeting of the Messaging Anti-Abuse Working Group on Oct.

• MAAWG Comments on National Initiative for Cybersecurity Education (NICE) Draft Strategic Plan

  MAAWG submitted comments in September 2011
  The comments were submitted to the National Institute of Standards and Technologyon its draft NICE plan.

• MAAWG Comments on CRTC's Draft Electronic Commerce Protection Regulations

  A response from MAAWG to the Canadian commission were submitted in September 2011.
  Submitted comments on the regulations to the Canadian Radio-television and Telecommunications Commission (CRTC) draft regulations.

• MAAWG Comments to UK House of Commons Inquiry into Malware and Cyber-crime

  MAAWG submitted a response in September 2011 to the Science and Technology Committee, UK House of Commons
  The committee's inquiry covered a variety of questions related to malware and cyber-crime.

• Comments on "Cybersecurity, Innovation and the Internet Economy" issued June 2011

  MAAWG responded to the Department of Commerce (DOC) Internet Policy Task Force's seventy-seven page green paper on "Cybersecurity, Innovation and the Internet Economy."

• MAAWG Comments on ICANN’s Draft FY2012 Budget

  MAAWG members, and our members' customers, like all Internet users, rely daily on Internet names. MAAWG commented on the proposed budget from the perspective of encouraging ICANN to continue to offer a reliable, high performance, cost effective, scalable and trustworthy system of domain names.

• Comments on ICANN WHOIS Review Team

  MAAWG comments were submitted in April 2011 on the ICANN site in response to the ICANN Call for Public Comment
  Responding to the ICANN WHOIS Review Team, MAAWG submitted comments on the useablity, access, accuracy and reliability of WHOIS and on the improvement of WDPRS.

• Incoming State Attorneys General Association President McKenna and FTC Consumer Protection Director Vladeck To Address Online Protection at MAAWG; Global Gathering Tackles Cybersecurity Policy, Technology, Mobile and Social Platforms

• Comments on UK BIS Consultation on Implementing the Revised EU Electronic Communications Framework

  MAAWG comments were submitted December 2010 in response to the BIS proposal.
  The UK Department for Business Innovation and Skills launched its proposals for implementing the revised EU Electronic Communications Framework. The BIS document set out their preferred approach to implementation and asked questions on a limited number of specific issues.

• MAAWG Response to U.S. Department of Commerce’s Internet Policy Task Force on the Global Free Flow of Information on the Internet

  MAAWG comments were submitted November 2010 in response to the DoC request.
  The U.S. Department of Commerce’s Internet Policy Task Force requested comments on government policies that restrict Internet information flow, seeking to understand why these restrictions have been instituted; what, if any, impact they have, and how to address negative impacts. The DoC will publish a report contributing to the Administration’s domestic policy and international engagement on these issues.

• MAAWG Comments on ICANN FY 11 Update to Plan for Enhancing Internet Security, Stability & Resiliency

  MAAWG comments were submitted November 2010 in response to ICANN’s Plan.
  ICANN requested comments on an update to its initial plan that will be implemented in the 2010-2011 operational year. The updated plan is intended as a baseline document for ICANN and its community for organizing its security, stability and resiliency efforts.

• MAAWG Develops First Industry Best Practices for Protecting Web Messaging Consumers; Also Issues Practices for Email Complaint Feedback Loops and Evaluating Anti-Abuse Products for Email Operators
  San Francisco, October 28, 2010 –The first industry best practices to help Web messaging and social networking operators protect users of their Web mail, direct messaging and SMS services from spam and other cyber attacks have been released by the Messaging Anti-Abuse Working Group (MAAWG). MAAWG also published two other new best practices papers clarifying conventional email processes for incorporating consumer complaint feedback loops and to assist ISPs in evaluating anti-abuse tools.

   
• MAAWG Comments on ICANN Study on the Prevalence of Domain Names Registered Using a Privacy or Proxy Registration Service

  MAAWG comments were submitted October 2010 based on the ICANN request.
  ICANN conducted an exploratory study in 2009 to assess an approximate percentage of domain names (through a statistical sampling plan) contained in the top 5 gTLD registries that used privacy or proxy registration services. The study indicated that at least 18% (and probably not much more than 20%) of the domain names contained in the top 5 gTLD registries used privacy or proxy registration services.

• MAAWG Letter Regarding Canadian Fighting Internet and Wireless Spam Act (FISA)

  The MAAWG letter supporting elements of FISA (see www2.parl.gc.ca/Sites/LOP/LEGISINFO/index.asp?Language=E&list=agenda) was submitted September 2010.
  MAAWG submitted a letter supporting the global sharing of abuse-fighting information between law enforcement that is included in Canadian Bill C-28 establishing the federal Fighting Internet and Wireless Spam Act (“FISA”).

• MAAWG Comments on Department of Commerce Cybersecurity, Innovation and the Internet Economy

  MAAWG comments were submitted to the Department of Commerce’s request in September 2010. The DoC site has all submitted comments.
  The Department of Commerce’s Internet Policy Task Force undertook a comprehensive review of the nexus between cybersecurity challenges in the commercial sector and innovation in the Internet economy. The Department was seeking comments on measures to improve cybersecurity while sustaining innovation.

• MAAWG Comments on National Broadband Plan Recommendation to Create a Cybersecurity Roadmap

  MAAWG comments were submitted in response to U.S. Federal Communications Commission recommendations in September 2010.
  The U.S. FCC’s Public Safety and Homeland Security Bureau (PSHSB) requested comment on the creation of a Cybersecurity Roadmap. The plan would identify vulnerabilities to communications networks or end-users and develop countermeasures and solutions in preparation for, and response to, cyber threats and attacks in coordination with federal partners.

• Facebook and Tata Communications Join MAAWG Board of Directors; Will Fight Spam and Online Abuse with Global Industry Organization

  San Francisco, Aug. 18, 2010 – Demonstrating their commitment to work with the international online industry to protect consumers, Facebook and Tata Communications, a leading global telecom service provider that is part of India’s Tata Group, have joined the Messaging Anti-Abuse Working Group at the organization’s highest membership level and will serve on the MAAWG Board of Directors.

• MAAWG Response to ICANN's Initial Report on Proposals for Improvements to the Registrar Accreditation Agreement (RAA)

  The MAAWG response was submitted July 2010 in response to ICANN’s initial report for RAA improvements.
  The ICANN report describes recommendations on the proposed form of a Registrant Rights and Responsibilities Charter, and describing the potential topics for additional amendments to the RAA. It also includes a proposal for next steps the GNSO Council should consider in determining whether to recommend the ICANN Board adopt a new form RAA.

• MAAWG Response to National Strategy for Trusted Identities in Cyberspace

  MAAWG offered comments on the U.S. Department of Homeland Security’s strategy in July 2010
  The U.S. Department of Homeland Security’s draft plan is focused on maintaining a secure cyberspace, which is critical to the health of the economy and national security. It outlines how the federal government might address the recent and alarming rise in online fraud, identity theft, and misuse of information online.

• MAAWG Hosts GSMA Security Group in Europe Industry Meeting Attacks Spam Across Platforms, Promotes International, Industry-wide Cooperation
  San Francisco, May 18, 2010 –The Messaging Anti-Abuse Working Group will host the GSMA Security Group at the MAAWG 19^th General Meeting in Barcelona on June 8-10 with a multi-track event focusing on all forms of spam delivery, including mobile, broadband, terrestrial and Web messaging. The meeting will also feature an insiders’ panel discussing the recent crackdown on the Mariposa botnet, sessions on mobile spam and abuse reporting technologies, and a look at critical technical and international public policy issues affecting abuse abatement.
• MAAWG Comments on ARIN Draft Policy 2010-3 “Customer Confidentiality”

  MAAWG submitted comments in March 2010. As recommended by MAAWG and others, ARIN changed course on this topic.
  The initial draft policy would have allowed ISPs to hide the true customer of a domain name. The revised Version 2 policy that was implemented recognized the need for the customer name to remain in the SWIP and RWHOIS information.

• MAAWG Comments, FCC’s In the Matter of Preserving the Open Internet, GN Docket No. 09-191, WC Docket No. 07-52, Notice of Proposed Rulemaking, FCC 09-93 (Rel. Oct. 22, 2009)

  MAAWG submitted these comments in January 2010 to the U.S. Federal Communications Commission on its open Internet proposal. The FCC requested public input on draft rules to preserve an open Internet. The FCC is seeking to preserve a platform based on a historically open architecture that has been accessible to anyone with a basic knowledge of its protocols.

• M3AAWG Common Best Practices for Mitigating Large Scale Bot Infections in Residential Networks

  Note:  This M3AAWG best practices paper has been replaced by RFC 6561 Remediation of Bots in ISP Networks, March 2012 from the IETF.

  Note:  This MAAWG best practices paper has been replaced by RFC 6561 Remediation of Bots in ISP Networks, March 2012 from the IETF.

Committee Documents

• Exploring the Impact of Nonhuman Interactions on Email Send Metrics

  Received email may not be handled only by a human. It may be partially or even fully handled by a software program. The purpose of this document is to offer guidance to marketing and sales staff about the way that nonhuman interactions (NHI, also known as “automated clicks”) affect the performance metrics of their email messages and reporting systems. This document is not intended to solve issues, but rather to provide insights into the effects of NHI and offer some best practices for senders.

• M3AAWG Response for ICANN Security Stability and Resiliency Review Team (Two)

  The Messaging, Malware, and Mobile Anti Abuse Working Group (M3AAWG) welcomes the opportunity to review the draft report from ICANN’s Security Stability and Resiliency Review Team (Two).

• M3AAWG Sending Domains Best Common Practices

  When preparing for bulk or transactional email sending, two items require special attention: outbound IP addresses, and the domain names to be used for these communications. For the latter, ESPs (Email Service Providers) go through this set-up process frequently and have to review the same readiness checklist each time. This process may involve individual client preferences and constraints, both legal and technical.

Supporting Document

• El valor de hacerse miembro. Hoja informativa.

  El valor de hacerse miembro. Hoja informativa. – M3AAWG Membership Value and Fact Sheet in Spanish

• M3AAWG Membership Value and Fact Sheet
• Georgia Tech DNS Changer Remediation Study

  Results by Georgia Tech researchers of a study based on the industry’s response to the DNS Changer Trojan with shared recommendations to help curb future malware outbreaks that was presented at the M3AAWG 27th General Meeting in San Francisco.

  A study presented at the M³AAWG 27^th General Meeting in February 2013 in San Francisco by Georgia Tech researchers Wei Meng, Ruian Duan and Wenke Lee with data provided by the DNS Changer Working Group to determine the most effective methods of notifying end-users of malware infections.

Bot Metrics Report

• M3AAWG Bot Metrics Report #1 Combined – 2012 and 2013

  Combines data from our first report in 2012 through 2013

M3AAWG Reports

• M3AAWG Bot Metrics Report #1 Combined – 2012 and 2013

  Combines data from our first report in 2012 through 2013

• Key Findings of the 2010 MAAWG Email Security Awareness and Usage Survey

  Summarizing the highlights of the consumer survey covering North America and Western Europe with the main graphs.