- M3AAWG Malware playlist on YouTube
- Selected Training Videos (also available on www.youtube.com/maawg)
- Selected Keynote Videos (also available on www.youtube.com/maawg)
Below are the M3AAWG published materials related to our work on preventing and mitigating malware. There is also a Malware video playlist on our YouTube channel at www.youtube.com/maawg and there are a few selected videos on our website in the Training Videos and Keynotes Videos sections under the Meetings menu tab.
Using Generic Top Level Domain Registration Information (WHOIS Data) in Anti-Abuse Operations
WHOIS information plays a key role in determining where to report instances of abuse involving domain names. This paper explains some of the important WHOIS elements used to fight spam, phishing, malware distribution and other threats.
M3AAWG Mobile Messaging Best Practices for Service Providers - Updated August 2015
These industry best practices are intended to help mitigate the abuse of mobile messaging (i.e., SMS, MMS and RCS), including text messaging and connected services. The guidelines outlined here will assist service providers and vendors in maintaining practical levels of trust and security across an open, globally-interconnected messaging environment. Updated August 2015.
Anti-Phishing Best Practices for ISPs and Mailbox Providers, Version 2.01, June 2015
This document was jointly developed by the Anti-Phishing Working Group (APWG) and M3AAWG with technical and business practices to help ISPs and mailbox providers thwart phishing attacks and other malevolent network abuses. It also includes practices to respond constructively when these attacks occur. Version 2.01 updates the anti-phishing best practices originally published in 2006.
Operation Safety-Net: Best Practices to Address Online, Mobile, and Telephony Threats
Written in plain language by M3AAWG and the London Action Plan (LAP), Operation Safety-Net outlines the current and emerging threats faced by consumers, businesses and governments with recommended best practices to address these threats. For a brief overview of the document, see the brochure explaining the global depth and breadth of these best practices in the Supporting Documents section from the For the Industry menu tab.
M3AAWG Anti-Abuse Best Common Practices for Hosting and Cloud Service Providers
System abuse drains time and revenue for hosting and cloud providers, who must maintain constant vigilance to make sure their systems are not compromised and ensure that their customers are vigilant. This document categorizes types of abuse, suggests appropriate responses and reviews practices for dealing with customers and complaints. It provides current best common practices in use with the hosting, DNS and domain registration provider communities.
Public Policy Comments
Additional Responses from Dr. Paul Vixie to the U.S. Senate Hearing on "Taking Down Botnets: Public and Private Efforts to Disrupt and Dismantle Cybercriminal Networks"
Dr. Vixie's August 4th written response to additional questions requested after the hearing on botnet takedowns is also available from the official U.S. Committee on the Judiciary Committee hearing website at
M3AAWG Comments on ICANN Misuse Report
Submitted to ICANN in December 2013 in response to ICANN's misuse survey.
M3AAWG Comments on ICANN EWG Initial Report
Submitted to ICANN in August 2013 in response to ICANN's Expert Working Group report.
M3AAWG Response to CWG-Internet Request for Online Consultation-Combatting Spam
Submitted to the ITU Council Working Group on International Internet–Related Public Policy Issues (CWG–Internet) in July 2013
In response to a request for comments on effectively countering and combatting spam.
M3AAWG Comments on Thick Whois Initial Report
Submitted to ICANN in July 2013
Comments on this report can also be viewed on the ICANN site at http://forum.icann.org/lists/comments-thick-whois-initial-21jun13/
Updates and Commentary from the Messaging, Malware and Mobile Anti-Abuse Working Group
None at this time.
Taking on Calendar Spam, Scheduling Developers Organization CalConnect Collaborates with Messaging Anti-Abuse M3AAWG
German Law Enforcement Officials Receive 2017 M3AAWG J.D. Falk Award for Initiating Global Takedown of Avalanche Malware Platform
Latin American and Caribbean Anti-Abuse Working Group to Collaborate with LACNIC and M3AAWG to Fight Online Threats
M3AAWG Issues New Papers Explaining Password Security, Multifactor Authentication, Encryption Use and DDoS Safeguards; Announces 2017 Leadership and Committee Chairs
Articles About M3AAWG
Technology, law, and the world to protect the Internet: Interview with the standards organization JPAAWG
Japan Anti-Abuse Working Group (JPAAWG) launched in May 2019 and works with M3AAWG to focus on Internet security in Japan. ITmedia spoke with Mr. Shuji Sakuraba and Mr. Nobuhiro Suemasa of JPAAWG about the group’s work, including collaboration with M3AAWG.
AI’s Place in Preventing Piracy
Cable operators are working to prevent disruptions to their networks caused by the streaming of pirated content and DDoS attacks. The article calls out CableLabs’ work with M3AAWG on the DDoS Information Sharing Project.
Is a DMARC policy really right for everyone?
Valimail makes the case for DMARC enforcement and notes that M3AAWG recommends enforcement as a deliverability best practice.
Solving extreme email deliverability mysteries
Anna Ward, Postmark’s head of deliverability, discusses her path to becoming an email deliverability expert and the impact of being a part of the M3AAWG community on her work.