The Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG, usually spelled M³AAWG) is an international information technology industry forum that works to reduce the threat from bots, malware, spam, viruses, DoS attacks and other online exploitations. It is one of the largest global organizations working against all forms of messaging abuse and represents over a billion mailboxes among its global membership.
It started as a group of internet service providers, mobile network operators, telecommunications companies and infrastructure vendors, and anti-spam technology vendors in early 2004 to fight spam and help protect end-users. In the spirit of collaboration, it expanded to include email service providers and vetted parties interested in safeguarding the online ecosystem. The organization initially started as MAAWG, the Messaging Anti-Abuse Working Group, but as spam morphed into a widely recognized vector for spreading malware and other threats, the organization changed its name to the Messaging, Malware and Mobile Anti-Abuse Working Group in 2012 to better reflect its scope of work.
M3AAWG has three levels of membership:
- Supporter, which is the least expensive and most popular level of membership
- Full, which has additional privileges such as the option to chair a committee
- Sponsor, which may include a seat on the Board of Directors
The role of M3AAWG is to bring various aspects of the industry together to discuss related anti-abuse issues and, based on this cooperative effort, produce best practices, public policy comments, white papers and other materials. It also provides an opportunity for professionals to share abuse information and their experience with their peers. Among the currently available published best practices is a document to help hosting service providers prevent abuse that was jointly published with the i2Coalition, anti-abuse recommendations for messaging service providers, best practices for high-volume email marketing senders and email service providers, and an updated white paper on email authentication. M3AAWG published the first best practices for mitigating bot infections in residential networks in July 2009, which were incorporated into the IETF's RFC 6561 a few years later. Although M3AAWG does not lobby on government or public policy matters, it does supply factual information to government organizations as they develop relevant policy or legislation,for example on anti-abuse issues with the proposed.
M3AAWG holds three members-only meetings each year, two in North America and one in Europe. The four-day long meetings are organized around multi-track conference sessions with colleagues and public policy representatives, best practices document working sessions, training courses and global networking opportunities. The meetings often are held in conjunction with other relevant organizations. In the past, M3AAWG has hosted the London Action Plan (LAP), the GSM Association Security Group (GSMA-SG), the Anti-Phishing Working Group, and other associations at its meetings.
In June 2015, M3AAWG jointly published the global Operation Safety-Net best practices with the London Action Plan. The cooperative global effort by industry and government experts is written in plain language and describes common online threats that are currently facing businesses, governments and end-users along with the proven best practices to mitigate them. M3AAWG also publishes Email Metrics Reports tracking the volume of abusive email using aggregated data provided by M3AAWG member ISPs, email providers and network operators and a Bot Metrics Report detailing the number of subscribers identified as having a system infected by malware, also known a "bot". It also has conducted two surveys looking at consumers' email practices: In 2009, it published a survey of North American users titled "Of Course I Never Click on Spam - Except Sometimes]" and in 2010 expanded the survey to cover both North America and Europe.
The YouTube channel has over 70 training, industry keynote and short topical videos on a wide range of computer security and cybercrime topics. Training videos range from how ISPs can identify and clean malware from customers' systems to a tutorial on using the Bettercrypto guide to more easily implement encryption. Keynotes include presentations on the state of the industry from renowned security experts Dan Geer and Brian Snow, among others.
Among its many industry partners, the EastWest Institute presented its EWI 2013 Cybersecurity Award to M3AAWG in recognition of its anti-abuse outreach in India and China and for facilitating cybersecurity global collaboration.
- Financial Times, "Secret war on web crooks revealed" by Maija Palmer, June 15, 2009 
- BBC News,"Botnets: Hi-tech crime in the UK" by Mark Ward
- hosting service providers
- messaging service providers[permanent dead link]
- high-volume email marketing senders and email service providers
- updated white paper on email authentication
- Macworld, "SOPA hearing delayed, likely until early next year" by Grant Gross, IDG News Service, Dec. 20, 2011, 
- Operation Safety-Net
- Email Metrics Reports
- Bot Metrics Report
- Of Course I Never Click on Spam - Except Sometimes
- 2010 expanded the survey
- EWI 2013 Cybersecurity Award