Home Malware

Below are the M3AAWG published materials related to our work on preventing and mitigating malware. There is also a Malware video playlist on our YouTube channel at www.youtube.com/maawg and there are a few selected videos on our website in the Training Videos and Keynotes Videos sections under the Meetings menu tab.

Best Practices

PDF
July 14, 2016

Using Generic Top Level Domain Registration Information (WHOIS Data) in Anti-Abuse Operations

WHOIS information plays a key role in determining where to report instances of abuse involving domain names. This paper explains some of the important WHOIS elements used to fight spam, phishing, malware distribution and other threats.

PDF
August 26, 2015

M3AAWG Mobile Messaging Best Practices for Service Providers - Updated August 2015

These industry best practices are intended to help mitigate the abuse of mobile messaging (i.e., SMS, MMS and RCS), including text messaging and connected services. The guidelines outlined here will assist service providers and vendors in maintaining practical levels of trust and security across an open, globally-interconnected messaging environment. Updated August 2015.

PDF
June 30, 2015

Anti-Phishing Best Practices for ISPs and Mailbox Providers, Version 2.01, June 2015

This document was jointly developed by the Anti-Phishing Working Group (APWG) and M3AAWG with technical and business practices to help ISPs and mailbox providers thwart phishing attacks and other malevolent network abuses.  It also includes practices to respond constructively when these attacks occur. Version 2.01 updates the anti-phishing best practices originally published in 2006.

PDF
June 08, 2015

Operation Safety-Net: Best Practices to Address Online, Mobile, and Telephony Threats

Written in plain language by M3AAWG and the London Action Plan (LAP), Operation Safety-Net outlines the current and emerging threats faced by consumers, businesses and governments with recommended best practices to address these threats. For a brief overview of the document, see the brochure explaining the global depth and breadth of these best practices in the Supporting Documents section from the For the Industry menu tab.

PDF
March 16, 2015

M3AAWG Anti-Abuse Best Common Practices for Hosting and Cloud Service Providers

System abuse drains time and revenue for hosting and cloud providers, who must maintain constant vigilance to make sure their systems are not compromised and ensure that their customers are vigilant. This document categorizes types of abuse, suggests appropriate responses and reviews practices for dealing with customers and complaints. It provides current best common practices in use with the hosting, DNS and domain registration provider communities.

Pages

Public Policy Comments

August 04, 2014

Additional Responses from Dr. Paul Vixie to the U.S. Senate Hearing on "Taking Down Botnets: Public and Private Efforts to Disrupt and Dismantle Cybercriminal Networks"

Dr. Vixie's August 4th written response to additional questions requested after the hearing on botnet takedowns is also available from the official U.S. Committee on the Judiciary Committee hearing website at
www.judiciary.senate.gov/download/vixie-qfrs-71514 .

July 15, 2014

Dr. Paul Vixie's Testimony at U.S. Senate Hearing on "Taking Down Botnets: Public and Private Efforts to Disrupt and Dismantle Cybercriminal Networks"

The extended written statement by Dr. Paul Vixie, author of several IETF DNS standards and Farsight Security, Inc. CEO. He also, augments his testimony starting around 1 hour and 34 minutes in the official hearing video (http://bit.ly/BotnetTakedownHearing2014) from the U.S. Senate Committee on the Judiciary website at http://www.judiciary.senate.gov/meetings/taking-down-botnets_public-and-... . Dr. Vixie testified at the July 15, 2014 hearing at the request of M3AAWG.

January 09, 2014

M3AAWG Response to Stakeholder Input on the Role of Governments, ITU-CWG on Internet-related Public Policy Issues

Submitted to the U.S. State Department in January 2014, responding to its request for Stakeholder Input on the Role of Governments, International Telecommunication Union Council Working Group on Internetprelated Public Policy Issues.

December 17, 2013

M3AAWG Comments on the WHOIS Misuse Study

Submitted to ICANN in response to their misuse survey report.

December 01, 2013

M3AAWG Comments on ICANN Misuse Report

Submitted to ICANN in December 2013 in response to ICANN's misuse survey.

Pages

M3AAWG Reports

DM3Z Blog

Updates and Commentary from the Messaging, Malware and Mobile Anti-Abuse Working Group

There is no blog posts.

News

Subscribe to Subscribe to News Releases