Home M3AAWG Blog

Updates and Commentary from the Messaging, Malware and Mobile Anti-Abuse Working Group

Interisle Consulting Group recently released its report (https://interisle.net/MalwareLandscape2021.html) studying six months of malware. 

Data showed that, based on 1.7 million malware reports collected from January 1, 2021 to June 30, 2021, malware reports increased 63% in the first half of 2021. The findings are based on analyzing 1,686,033 malware reports during a six-month study period from four widely used and respected threat intelligence sources.

The key takeaways are summarized below from the report. 

The Q3 2021 Phishing Activity Trends Report has been published. The report includes data and analysis of phishing attacks as reported to the APWG by its member companies, its global research partners, through the organization’s website at https://apwg.org, and by e-mail submissions to reportphishing@antiphishing.org

APWP sources define phishing as “…a crime employing both social engineering and technical subterfuge to steal consumers’ personal identity data and financial account credentials. “

The 2021 Ponemon Data Breach research report, sponsored by IBM, has been released, and data shows that the cost of breaches and attacks continues to increase.

On Sept. 30, 2021, M3 AAWG and the Anti-Phishing Working Group (APWG) provided its recommendations to ICANN regarding WHOIS domain name access. M3 AAWG and APWG had conducted surveys in 2018 and 2021 to understand the impact of ICANN implementation of the EU GDPR Temporary for gTLD Registration Data.

As Internet usage has exploded and become an integral part of everyone’s personal and business lives, the opportunities to exploit user data have become ever more attractive. Sophisticated tracking and explosion of third-party ad and other services ensure that very few users can defend themselves against data harvesting and attacks. 


In this session at M3AAWG’s 53rd general meeting October 2021, Johnathan Azaria describes the usage of machine learning to create better security configuration for DDoS protection

Finding the best security configuration is crucial - If set correctly, it provides maximum security with minimal risk by balancing between the false positives and false negatives. However, because domain experts often need to manually work on each security configuration, this process can't be scaled. 


Last month at M3AAWG’s 53rd general meeting October 2021, members led a session on risky and potentially abusive industries. 

The Risky Business – Abusive Industries panel explores how and why senders allow certain industry types access to their platform while prohibiting others and how receivers view mail from these industries. Moderated by Matthew Grove (Mailchimp), Benjamin Billon (SPLIO) and John Peters (CM Group) provide a sender’s perspective while Lili Crowley (Yahoo!) presents the receiver’s point of view. 

With more users linking calendars to a variety of applications and other services, spam is becoming more of an issue.
At this month’s M3AAWG’s 53rd general meeting October 2021, members discussed this issue.

M3AAWG welcomes proposals for keynotes, sessions, panels, and training sessions for its 54th General Meeting Feb. 21-24, 2022. We are currently seeking proposals for sessions that can be held virtually or in-person.

In October, M3AAWG hosted its 53rd general meeting, where members convened virtually to address trends, technologies, issues and challenges related to messaging, mobile platforms and cybersecurity.



Subscribe to M3AAWG Blog