Home M3AAWG Blog

Updates and Commentary from the Messaging, Malware and Mobile Anti-Abuse Working Group

As we’re approaching M3AAWG’s milestone 50th General Meeting on October 12-15, we’ve invited members – both veterans and newcomers – to celebrate the journey of M3AAWG from its humble beginnings to becoming the largest anti-abuse consortium in the world. To capture all the characteristics and memories that make M3AAWG special, we’ve asked M3AAWG founding members, former and current chairpeople, and officers to share their perspectives. In this post, we’ll share highlights of our founding story from those who helped build the organization, including the organization's conception, growth, and where we are today.

As schools ramp up virtual teaching and companies continue working remotely, maintaining our digital connections and keeping websites up and running is more crucial than ever before. But we’re seeing a sharp increase in Distributed Denial of Service (DDoS) attacks in 2020: there were almost double the amount of attacks in the first quarter of 2020 compared to Q4 2019. This is part of a continuous upward trajectory over 30 years.

In our upcoming Member Engagement webinar series, Stephen Farrell, M3AAWG Senior Technical Advisor, will host a session detailing the state of COVID-19 contact-tracing applications and discuss their security, privacy and efficiency implications. The session will take place on Tuesday, September 15th at 8am PT / 11am ET. Professionals from M3AAWG member companies are welcome to join the session. To register, please visit the M3AAWG Engagement Series site.

At M3AAWG’s 49th General Meeting, the COVID-19 pandemic was a central focus of the session “Is COVID-19 the Cure for Fraud?” The joint session, facilitated by M3AAWG and the Communications Fraud Control Association (CFCA), brought together professionals from across messaging to discuss the pandemic’s impact on the online fraud landscape.

With the majority of companies working remotely for the foreseeable future, and social distancing procedures still in effect, we’re entirely reliant on digital communications, particularly email. Bad actors are taking advantage of this dependence, resulting in an uptick in email-related cybercrime, such as spear phishing attacks, where criminals pose as legitimate senders with a specific request.


In the latest installment in our Member Engagement Series, Dennis Dayman, Program and Growth & Development Chairperson and Elections Co-Chair at M3AAWG, will host a session on the state of U.S. data privacy regulations in relation to international standards on Tuesday, September 1st at 8am PT / 11am ET. Professionals from M3AAWG member companies are welcome to join the session to learn more on the latest developments. To register for the webinar, please visit the M3AAWG Engagement Series site.

On August 6th, I participated in a panel discussion hosted by Infosecurity Magazine focused on technologies, strategies and tactics to fight phishing. The discussion, moderated by Dan Raywood, the publication’s Contributing Editor, and featuring Olesia Klevchuk, Senior Product Marketing Manager at Barracuda and James Gosnold, Security Practitioner, provided a comprehensive overview of the latest phishing-related threats and offered insight into how security professionals have adjusted their security approaches following the COVID-19 pandemic.

Each year at our fall General Meeting, M3AAWG honors the legacy and spirit of founding member, J.D. Falk, through our J.D. Falk Award. In the wake of COVID-19 – and the corresponding uptick in cybercrime – members of the anti-abuse community have mobilized faster than ever to safeguard the online ecosystem. At M3AAWG 50, hosted virtually from October 12-15, we’ll present our ninth J.D. Falk award to a member of the anti-abuse community that has embodied Falk’s dedication to protecting end-users in this especially vulnerable time.


There is a profound need for digital connectivity

The progenitors of the internet created and used email to facilitate the work that went into building and evolving the shared global resource that in these extraordinary times is connecting the world. That connection is made possible, in part, by the world-wide use of email. Email has proven to be the longest lasting digital communication channel, with the largest user base of any free or paid platform or product. What’s more, email is the first and most foundational source of identity on the internet. However, it is not without its difficulties—the email’s massive reach makes it a ripe target for bad actors seeking to deploy compromises and attacks on a global scale.

Author: Alex Brotman, Chair, M3AAWG Data and Identity Protection Special Interest Group

Like a driver’s license confirms your identity, your phone number is used to verify your identity online. Given the widespread use of phone numbers in two-factor authentication and password reset, SIMs are an extremely valuable target for cybercriminals –– and anyone could become a victim. Armed with only a phone number, cybercriminals manipulate their way into accessing personal financial information, cryptocurrency accounts, and even corporate email accounts, exposing sensitive data that could lead to millions in financial damages.


Subscribe to M3AAWG Blog