
Consumers Don’t Relate Bot Infections to Risky Behavior As Millions Continue to Click on Spam; MAAWG 2010 Email Security Consumer Survey Expands to North America and Western Europe

San Francisco, March 24, 2010 – A significant percentage of consumers continue to interact with spam despite their awareness of how bots and viruses spread through risky email behavior, according to the Messaging Anti-Abuse Working Group (MAAWG) based on a new survey it released today covering North America and Western Europe. Even though over eighty percent of email users are aware of the existence of bots, tens of millions respond to spam in ways that could leave them vulnerable to a malware infection, according to the 2010 MAAWG Email Security Awareness and Usage Survey.
 
In the new survey, half of users said they had opened spam, clicked on a link in spam, opened a spam attachment, replied or forwarded it – activities that leave consumers susceptible to fraud, phishing, identity theft and infection. While most consumers said they were aware of the existence of bots, only one-third believed they were vulnerable to an infection.  
 
“Consumers need to understand they are not powerless bystanders. They can play a key role in standing up to spammers by not engaging and just marking their emails as junk,” said Michael O’Reirdan, MAAWG chairman. 
 
“When consumers respond to spam or click on links in junk mail, they often set themselves up for fraud or to have their computers compromised by criminals who use them to deliver more spam, spread viruses and launch cyber attacks,” O’Reirdan said.  
 
The research findings on awareness of bots, email security practices, and attitudes toward controlling spam were generally consistent with the first MAAWG consumer survey in 2009 covering North America. The new 2010 survey was expanded to cover Western Europe and looks at consumers’ attitudes in Canada, France, Germany, Spain, the United Kingdom and the United States.  
 
It Won’t Happen to Me Syndrome
 
Less than half of the consumers surveyed saw themselves as the entity who should be most responsible for stopping the spread of viruses. Yet, only 36% of consumers believe they might get a virus and 46% of those who opened spam did so intentionally. 
 
This is a problem because spam is one of the most common vehicles for spreading bots and viruses. The malware is often unknowingly installed on users’ computers when they open an attachment in a junk email or click on a link that takes them to a poisoned Web site, according to O’Reirdan.
 
Younger consumers tend to consider themselves more security savvy, possibly from having grown up with the Internet, yet they also take more risks. Among the survey’s key findings:
  • Almost half of those who opened spam did so intentionally. Many wanted to unsubscribe or complain to the sender (25%), to see what would happen (18%) or were interested in the product (15%).
     
  • Overall, 11% of consumers have clicked on a link in spam, 8% have opened attachments, 4% have forwarded it and 4% have replied to spam. 
     
  • On average, 44% of users consider themselves “somewhat experienced” with email security. In Germany, 33% of users see themselves as “expert” or “very experienced,” followed by around 20% in Spain, the U.K. and the U.S.A., 16% in Canada and just 8% in France.
     
  • Men and email users under 35 years, the same demographic groups who tend to consider themselves more experienced with email security, are more likely to open or click on links or forward spam. Among email users under 35 years, 50% report having opened spam compared to 38% of those over 35. Younger users also were more likely to have clicked on a link in spam (13%) compared to less than 10% of older consumers.
     
  • Consumers are most likely to hold their Internet or email service provider most responsible for stopping viruses and malware. Only 48% see themselves as most responsible, though in France this falls to 30% and 37% in Spain. 
     
  • Yet in terms of anti-virus effectiveness, consumers ranked themselves ahead of all others, except for anti-virus vendors: 56% of consumers rated their own ability to stop malware and 67% rated that of anti-virus vendors as very or fairly good. Government agencies, consumer advocacy agencies and social networking sites were among those rated most poorly.

The survey was conducted online between January 8 and 21, 2010 among over a thousand email users in the United States and over 500 email users in each of the other five countries. Participants were general consumers responsible for managing the security for their personal email address.
 
Both the survey’s key findings and the full report are available at the MAAWG Web site, www.MAAWG.org.   The 2010 research was conducted by Ipsos Public Affairs, and the full report includes country comparisons for many of the questions along with detailed charts.
 
About the Messaging Anti-Abuse Working Group (MAAWG)
 
The Messaging Anti-Abuse Working Group (MAAWG) is where the messaging industry comes together to work against spam, viruses, denial-of-service attacks and other online exploitation. MAAWG (www.MAAWG.org) represents almost one billion mailboxes from some of the largest network operators worldwide. It is the only organization addressing messaging abuse holistically by systematically engaging all aspects of the problem, including technology, industry collaboration and public policy. MAAWG leverages the depth and experience of its global membership to tackle abuse on existing networks and new emerging services. Headquartered in San Francisco, Calif., MAAWG is an open forum driven by market needs and supported by major network operators and messaging providers.
# # #
 
Media Contact: Linda Marcus, APR, +1-714-974-6356, lmarcus@astra.cc, Astra Communications
 
MAAWG Board of Directors: AOL; AT&T (NYSE: T); Cloudmark, Inc.; Comcast (NASDAQ: CMCSA); Cox Communications; Eloqua; France Telecom (NYSE and Euronext: FTE); Goodmail Systems; Openwave Systems (NASDAQ: OPWV); Time Warner Cable; Verizon Communications; and Yahoo! Inc.
 
MAAWG Full Members: 1&1 Internet AG; Apple Inc.; Bizanga LTD; Cisco Systems, Inc.; Constant Contact (CTCT); e-Dialog; Experian CheetahMail; Genius.com; Internet Initiative Japan, (IIJ NASDAQ: IIJI); McAfee Inc.; NeuStar, Inc.; PayPal; Return Path, Inc.; Spamhaus; Sprint; and Symantec
 

A complete member list is available at /about/roster

 

Industry Experts Gather at MAAWG to “Protect the End User”; Messaging Anti-Abuse Working Group Advances Innovative Practices to Safeguard Consumers from Spam and Bots

San Francisco, Jan. 28, 2010 – With the participation of some of the industry’s largest ISPs, email providers and Internet companies, the Messaging Anti-Abuse Working Group (MAAWG) is focusing on how to better protect the end user from spam, bots and other messaging exploitations during its February meeting in San Francisco.  The three-day, multi-track event will feature experts from Google, Mozilla, Microsoft, all the major anti-virus vendors, social networking sites, and anti-spam researchers, among others.

The first of three MAAWG meetings this year, the goal of the Feb. 16-18 event is to encourage a frank discussion and share innovative techniques to better safeguard consumers, according to Michael O’Reirdan, MAAWG chairman.  MAAWG meetings are organized around a series of roundtables, expert presentations on groundbreaking work, and closed-door discussions on sensitive anti-spam issues. 

Among the topics to be addressed at the meeting are:

  • Web browser security
  • The future of desktop and device email clients
  • Domain registrar account security, such as problems that enabled the recent attack against a Chinese search engine
  • Authentication and DKIM
  • Wireless messaging abuse
  • Bulk-email sender practices
  • Initial results of the 2010 consumer email survey, expanded to cover both North America and Europe

The MAAWG ISP Closed Colloquium (ISPCC), held each day of the meeting, provides an opportunity for network operators to address confidential issues in private.  This session will be opened to all meeting participants the last day of the event, providing a unique opportunity for dialogue among ISPs, bulk senders and vendors.  Other MAAWG committee work will continue on best practices and white papers related to IPv6, port 53 issues, and feedback loops.  Financial Times journalist Joseph Menn will share his research into DDOS espionage, the basis of his new book Fatal System Error: The Hunt for the New Crime Lords Who are Bringing Down the Internet.

MAAWG meetings are open to members and invited experts only.  Registration and meeting information is available at www.MAAWG.org.

About the Messaging Anti-Abuse Working Group (MAAWG)

The Messaging Anti-Abuse Working Group (MAAWG) is where the messaging industry comes together to work against spam, viruses, denial-of-service attacks and other online exploitation.  MAAWG (www.MAAWG.org) represents almost one billion mailboxes from some of the largest network operators worldwide.  It is the only organization addressing messaging abuse holistically by systematically engaging all aspects of the problem, including technology, industry collaboration and public policy.  MAAWG leverages the depth and experience of its global membership to tackle abuse on existing networks and new emerging services.  Headquartered in San Francisco, Calif., MAAWG is an industry forum driven by market needs and supported by major network operators and messaging providers.

#  #  #

Media Contact: Linda Marcus, APR, +1-714-974-6356, lmarcus@astra.cc, Astra Communications

MAAWG Board of Directors: AOL; AT&T (NYSE: T); Cloudmark, Inc.; Comcast (NASDAQ: CMCSA); Cox Communications; Eloqua; France Telecom (NYSE and Euronext: FTE); Goodmail Systems; Openwave Systems (NASDAQ: OPWV); Time Warner Cable; Verizon Communications; and Yahoo! Inc.

MAAWG Full Members: 1&1 Internet AG; Apple Inc.; Bizanga LTD; Cisco Systems, Inc.; Constant Contact (CTCT); e-Dialog; Experian CheetahMail; Genius.com; Internet Initiative Japan, (IIJ NASDAQ: IIJI); McAfee Inc.; NeuStar, Inc.; Return Path, Inc.; Spamhaus; Sprint; and Symantec

A complete member list is available at /about/roster.

 

In German: Expertise of New MAAWG Committee Chairs Advances Efforts Against Messaging Abuse (October 2009)

MAAWG Tackles Bots with New ISP Guidelines for Restoring Infected End-Users’ Machines; Industry Recommendations Can Improve Consumer Bot Removal

With the growing problem of bot infestations contributing to spam, identity theft and online fraud, the Messaging Anti-Abuse Working Group (MAAWG) has issued the first best practices aimed at helping the global ISP industry work more closely with consumers to recognize and remove bot infections on end-users’ machines. The paper outlines a three-step approach with recommendations for detecting bots, notifying users that their computers have been compromised, and guiding them in removing the malware.

Bots, or malware running on users’ computers without their knowledge, are responsible for generating up to 90 percent of spam and can also be used to steal personal information or take part in DDOS (distributed denial of service) attacks. MAAWG Common Best Practices for Mitigating Large Scale Bot Infections in Residential Networks (Version 1.0) outlines strategies used by some of the largest ISPs worldwide yet was developed to be scalable for smaller network operators and to consider legal and process differences among countries.

“Bots are a global affliction and these best practices are an important step in educating the industry on the appropriate processes to help protect consumers. We’re sharing the experiences of our global membership so that network operators everywhere can more aggressively tackle this problem. As an industry, we are becoming more proactive in alerting customers when bots are detected on their computers and in helping users remove the malware before it can harm them,” said MAAWG Chairman Michael O’Reirdan.

The new best practices outline various options for alerting customers when their computers are infected and include suggestions for helping end-users clean their systems. The paper discusses bot detection methods, customer notification, and the use of walled gardens to limit infected machines’ exposure to the Internet. Among the recommendations:

  • While protecting users’ privacy, network operators can use various tools to detect infected end-user computers, including DNS, scanning the IP space to identify vulnerable computers, and collecting IP traffic information for known command and control addresses.
  • Email, phone calls to customers, postal mail and walled gardens are common notification tools, each with their own considerations. In-browser messages are considered to be among the most effective methods to alert customers but also can be technically challenging to implement.
  • ISPs need to maintain a well-publicized security portal that includes directions for end-user bot removal.

The paper also includes sample end-user messages and a list of malware detection and removal tools. The best practices will continue to be revised to reflect new procedures and the evolution of new bot threats.

Users Underestimate Bot Threat

A bot residing on a consumer’s computer is usually part of a larger network of machines programmed to perform specific, clandestine operations under the control of a “botmaster.” The malware is often installed on unsuspecting consumers’ machines when they click on an infected email or download illicit code from a compromised Web site. Bots are designed to operate stealthily – for example, sending spam or recording passwords and personal information without their owners’ knowledge – making it difficult for end-users to detect that their machines are infected.

While about 80 percent of consumers are aware of bots, only 20 percent believe they will ever be infected, according to a survey MAAWG released in July (the survey and related news release are available at www.MAAWG.org). “ISPs need to take steps to protect users, but we also need to continually educate customers and work closely with them to contain bot propagation,” O’Reirdan said.

The new bot mitigation best practices are part of the ongoing work at MAAWG to confront messaging abuse. Previously, MAAWG has published best practices for managing port 25, using walled gardens, sharing dynamic IP address space, email forwarding practices, and senders best communications practices, among other topics.

The MAAWG Common Best Practices for Mitigating Large Scale Bot Infections in Residential Networks can be downloaded from the organization’s Web site at www.MAAWG.org. The MAAWG consumer survey, published white papers and best practices also are available at the site.

#   #  #

Media Contact: Linda Marcus, APR, 714-974-6356, lmarcus@astra.cc, Astra Communications

MAAWG Sponsors (Board of Directors): AOL; AT&T (NYSE: T); Cloudmark, Inc.; Comcast (NASDAQ: CMCSA); Cox Communications; France Telecom (NYSE and Euronext: FTE); Goodmail Systems; Openwave Systems (NASDAQ: OPWV); Time Warner Cable; Verizon Communications; and Yahoo! Inc.

MAAWG European members: 1&1 Internet AG; Bizanga LTD; Constant Contact; e-Dialog; Eloqua Corporation; Experian CheetahMail; Genius.com; Internet Initiative Japan, (IIJ NASDAQ: IIJI); IronPort Systems; McAfee Inc.; MX Logic; NeuStar, Inc.; Outblaze LTD; Return Path, Inc.; Spamhaus; Sprint; and Symantec

A complete member list is available at the MAAWG website.