The Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) started as a group of internet service providers, mobile network operators, telecommunications companies and infrastructure vendors, and anti-spam technology vendors in early 2004 to fight spam and help protect end-users. In the spirit of collaboration, it expanded to include email service providers and vetted parties interested in safeguarding the online ecosystem. The organization initially started as MAAWG, the Messaging Anti-Abuse Working Group, but as spam morphed into a widely-recognized vector for spreading malware and other threats, the organization changed its name to the Messaging, Malware and Mobile Anti-Abuse Working Group in 2012 to better reflect its scope of work. In the digital world today, spam is just the symptom; malware and botnets are the real pathology, and M3AAWG has become an international forum for sharing information about these and other threats on any messaging platform. The purpose of the group is to bring the industry together to work against bots, malware, spam, viruses, DoS attacks and other online exploitation. It is one of the largest global organizations working against all forms of messaging abuse and represents over a billion mailboxes among its global membership.
M3AAWG has three levels of membership:
- Supporter, which is the least expensive and most popular level of membership
- Full, which has additional privileges such as the option to chair a committee
- Sponsor, which may include a seat on the Board of Directors
As of August 2015, the M3AAWG Board of Directors includes AT&T (NYSE: T); CenturyLink (NYSE: CTL); Cloudmark, Inc.; Comcast (NASDAQ: CMCSA); Constant Contact (NASDAQ: CTCT); Cox Communications; Damballa, Inc.; Facebook; Google; LinkedIn; Listrak; Mailchimp; Message Systems; Orange (NYSE and Euronext: ORA); OVH; Return Path; Time Warner Cable; Verizon Communications; and Yahoo! Inc.
The role of M3AAWG is to bring various aspects of the industry together to discuss related anti-abuse issues and, based on this cooperative effort, produce best practices, public policy comments, white papers and other materials that are available to the industry from the M3AAWG website. It also provides an opportunity for professionals to share abuse information and their experience with their peers.
M3AAWG has 36 papers and best practices on a variety of topics as of August 2015, with new documents addressing evolving threats and issues consistently in development. Among the currently available published best practices is a document to help hosting service providers prevent abuse that was jointly published with the i2Coalition, anti-abuse recommendations for messaging service providers, best practices for high-volume email marketing senders and email service providers, and an updated white paper on email authentication. M3AAWG published the first best practices for mitigating bot infections in residential networks in July 2009, which were incorporated into the IETF's RFC 6561 a few years later. Although M3AAWG does not lobby on government or public policy matters, it does supply factual information to government organizations as they develop relevant policy or legislation,for example on anti-abuse issues with the proposed.
M3AAWG holds three members-only meetings each year, two in North America and one in Europe. The four-day long meetings are organized around multi-track conference sessions with colleagues and public policy representatives, best practices document working sessions, training courses and global networking opportunities. The meetings often are held in conjunction with other relevant organizations. In the past, M3AAWG has hosted the London Action Plan (LAP), the GSM Association Security Group (GSMA-SG), the Anti-Phishing Working Group, and other associations at its meetings.
In June 2015, M3AAWG jointly published the global Operation Safety-Net best practices with the London Action Plan. The cooperative global effort by industry and government experts is written in plain language and describes common online threats that are currently facing businesses, governments and end-users along with the proven best practices to mitigate them. M3AAWG also publishes Email Metrics Reports tracking the volume of abusive email using aggregated data provided by M3AAWG member ISPs, email providers and network operators and a Bot Metrics Report detailing the number of subscribers identified as having a system infected by malware, also known a “bot." It also has conducted two surveys looking at consumers' email practices: In 2009, it published a survey of North American users titled "Of Course I Never Click on Spam - Except Sometimes" and in 2010 expanded the survey to cover both North America and Europe.
The M3AAWG YouTube channel has over 70 training, industry keynote and short topical videos on a wide range of computer security and cybercrime topics. Training videos range from how ISPs can identify and clean malware from customers' systems to a tutorial on using the Bettercrypto guide to more easily implement encryption. Keynotes include thought-provoking presentations on the state of the industry from renowned security experts Dr. Dan Geer and Brian Snow, among others.
Among its many industry partners, the EastWest Institute presented its EWI 2013 Cybersecurity Award to M3AAWG in recognition of its anti-abuse outreach in India and China and for facilitating cybersecurity global collaboration. Other industry partners that participate in M3AAWG include the APWG (Anti-Phishing Working Group), DMARC.org, DNS-OARC (DNS Operations, Analysis, and Research Center), ISOC (The Internet Society) and the London Action Plan. M3AAWG is a member of the ISOC (The Internet Society), LAP and DNS-OARC.
- BBC News,"Botnets: Hi-tech crime in the UK" by Mark Ward
- Financial Times, "Secret war on web crooks revealed" by Maija Palmer, June 15, 2009 
- M3AAWG Member Roster
- Macworld, "SOPA hearing delayed, likely until early next year" by Grant Gross, IDG News Service, Dec. 20, 2011,