System abuse drains time and revenue for hosting and cloud providers, who must maintain constant vigilance to make sure their systems are not compromised and ensure that their customers are vigilant. This document categorizes types of abuse, suggests appropriate responses and reviews practices for dealing with customers and complaints. It provides current best common practices in use with the hosting, DNS and domain registration provider communities.
These updated best practices outline the criteria for exit, entry, remediation and subscriber education when using a walled garden to remediate virus and bot infections in subscriber devices.
Just as speaking a common language allows two people to communicate effectively, standards that define the format of abuse reports and the destination address for them increase the effectiveness of network owners in fighting abusive traffic.
Submitted to the U.S. State Department in January 2014, responding to its request for Stakeholder Input on the Role of Governments, International Telecommunication Union Council Working Group on Internetprelated Public Policy Issues.
Submitted to ICANN in response to their misuse survey report.
Submitted in July 2013 to the ITU Council Working Group on International Internet–Related Public Policy Issues (CWG–Internet) in response to a request for comments on effectively countering and combatting spam.
Results by Georgia Tech researchers of a study based on the industry’s response to the DNS Changer Trojan with shared recommendations to help curb future malware outbreaks that was presented at the M3AAWG 27th General Meeting in San Francisco.
A study presented at the M3AAWG 27th General Meeting in February 2013 in San Francisco by Georgia Tech researchers Wei Meng, Ruian Duan and Wenke Lee with data provided by the DNS Changer Working Group to determine the most effective methods of notifying end-users of malware infections.
Response to staff recommendations in the ICANN report.
Response to the final report from the ICANN WHOIS Policy Review Team
Response to the December 5, 2011 ICANN report from the WHOIS Review Team (WRT).
MAAWG responded to the Department of Commerce (DOC) Internet Policy Task Force's seventy-seven page green paper on "Cybersecurity, Innovation and the Internet Economy."
MAAWG members, and our members' customers, like all Internet users, rely daily on Internet names. MAAWG commented on the proposed budget from the perspective of encouraging ICANN to continue to offer a reliable, high performance, cost effective, scalable and trustworthy system of domain names.
Outlining practices used during trial evaluations of messaging anti-abuse products or services, this document provides recommendations on processes and techniques to accurately determine a particular solution’s effectiveness.
This paper briefly discusses how an DNS attack works, the impact of this threat, proposes a solution and discusses the advantages and disadvantages from a technical, business and regulatory standpoint
Summarizing the highlights of the consumer survey covering North America and Western Europe with the main graphs.
A summary of the most effective abuse desk best practices from MAAWG service providers
San Francisco, April 22, 2014 – Tackling security concerns with hosting and cloud storage, pervasive monitoring, identity management, and telephony, the Messaging, Malware and Mobile Anti-Abuse Working Group has announced the formation of four new collaborative special interest groups along with its organizational leadership for 2014. The new SIGs provide a trusted venue for industry participation on critical issues while M3AAWG continues to support the ongoing work in its core security tracts.
San Francisco, March 20, 2013 – Emphasizing the need for more cooperative cybersecurity efforts across platforms, the Messaging, Malware and Mobile Anti-Abuse Working Group will continue with a diverse leadership structure for 2013. Alex Bobotek of AT&T and Chris Roosenraad of Time Warner Cable will continue as M3AAWG Co-Chairmen with Michael O’Reirdan of Comcast continuing as a Board member and M3AAWG Chairman Emeritus.
San Francisco, Feb. 20, 2013 – A bot believed to have netted $14 million in illicit profits has been turned into a golden learning opportunity, yielding important insights into how the online community can best alert and assist customers with infected systems.
San Francisco, Jan. 30, 2013 – With the variety of devices in use today and the pervasive connectivity available to users, malware could easily get the upper hand on many networks without corrective measures. The Feb. 19-21 M3AAWG 27th General Meeting in San Francisco will focus on helping the industry develop the necessary strategies to protect end-users from the latest messaging abuses, whatever the abuse vector or device that is targeted.
Baltimore, Oct. 24, 2012 – A cooperative international report available today outlines Internet and mobile best practices aimed at curtailing malware, phishing, spyware, bots and other Internet threats, and provides a thorough review of current and emerging threats.
San Francisco, July 18, 2012 – Seeking to throw a little light on those making the Internet a safer experience for all, the Messaging, Malware and Mobile Anti-Abuse Working Group is now accepting nominations for the first annual J.D. Falk Award, named after the dedicated industry advocate who was instrumental in the growth of M3AAWG and other technical organizations. The award, developed in conjunction with his employer Return Path, Inc. and his family, celebrates J.D.
San Francisco, February 14, 2012 – The online industry generally acknowledges that viruses and malicious code are spread through spam, yet it seems that malware and messaging security professionals rarely collaborate on threats despite the commonality of their work. The Messaging Anti-Abuse Working Group is pushing the industry to move beyond this “silo” mentality to better protect end-users.
San Francisco, Oct. 5, 2011 – A global summit of online security experts will convene in Paris at a joint MAAWG-LAP meeting featuring keynotes by important French government officials along with panels of international law enforcement agents, public policy advisors, technologists and academic researchers. Organized around the annual European meeting of the Messaging Anti-Abuse Working Group on Oct.
- (Joint News Release issued with EastWest Institute)
- San Francisco, October 28, 2010 –The first industry best practices to help Web messaging and social networking operators protect users of their Web mail, direct messaging and SMS services from spam and other cyber attacks have been released by the Messaging Anti-Abuse Working Group (MAAWG). MAAWG also published two other new best practices papers clarifying conventional email processes for incorporating consumer complaint feedback loops and to assist ISPs in evaluating anti-abuse tools.
San Francisco, Aug. 18, 2010 – Demonstrating their commitment to work with the international online industry to protect consumers, Facebook and Tata Communications, a leading global telecom service provider that is part of India’s Tata Group, have joined the Messaging Anti-Abuse Working Group at the organization’s highest membership level and will serve on the MAAWG Board of Directors.
- San Francisco, May 18, 2010 –The Messaging Anti-Abuse Working Group will host the GSMA Security Group at the MAAWG 19th General Meeting in Barcelona on June 8-10 with a multi-track event focusing on all forms of spam delivery, including mobile, broadband, terrestrial and Web messaging. The meeting will also feature an insiders’ panel discussing the recent crackdown on the Mariposa botnet, sessions on mobile spam and abuse reporting technologies, and a look at critical technical and international public policy issues affecting abuse abatement.
San Francisco, Jan. 28, 2010 – With the participation of some of the industry’s largest ISPs, email providers and Internet companies, the Messaging Anti-Abuse Working Group (MAAWG) is focusing on how to better protect the end user from spam, bots and other messaging exploitations during its February meeting in San Francisco. The three-day, multi-track event will feature experts from Google, Mozilla, Microsoft, all the major anti-virus vendors, social networking sites, and anti-spam researchers, among others.