2018 JD Falk Award … a mailing list

It’s M3AAWG time. Even though we’re not there, I’m getting regular updates from friends and colleagues who are there. Yesterday, was the presentation of the 2018 JD Falk award. The award recognises “a particularly meritorious project undertaken by a dedicated individual or group reflecting the spirit of volunteerism and community building.” In this case, the award went to a group of people on the “BEC mailing list.”

BEC stands for Business Email Compromise (I had to look it up, now you don’t have to). According to  M3AAWG:

The Business Email Compromise List deals with a broad assortment of criminal activity and deceptive emails, often described as “Nigerian” schemes, that use phishing and fake social media activities to attract victims. By sharing information and expertise, they have blocked spoofed emails and malware; tracked real estate, romance, IRS, W2 and lottery schemes; and identified the money “mules” used to transfer illicit funds. BEC fraud accounts for more than $12 billion in losses globally and threatens users in 150 countries, according to the FBI’s IC3 (Internet Crime Complaint Center).

Congratulations to all the participants who work tirelessly to make the internet safer for businesses and consumers.

The group does have a video describing some of what they do.

I’m sure almost every field has these types of small, private, invite only lists that allow diverse groups of experts to collaborate and share information in a (mostly) secure environment. In many cases, this is good. Groups of smart, concerned people step up and collaborate to catch criminals and prevent bad behaviour. They do so because it’s the right thing to do. They’re not looking for praise or public adulation. Participation is often simply because this thing is a problem and they have the knowledge and ability to help solve the problem.

Related Posts

MAAWG next week

I’ll be up in Toronto Tuesday and part of Wednesday for the M3AAWG meeting. If you’re there, say HI!

Read More

The J.D. Falk award 2013

M3AAWG awarded the second J.D. Falk award today in Montreal. The winner was Gary Warner from the University of Alabama.
Gary has been involved in fighting abuse and online crime since the 1990s. He developed the Center for Information Assurance and Joint Forensics Research at the University. This is an education program that not only teaches students about online threats and how to fight them, but collaborates with both industry experts and law enforcement.
You can check out Gary at his blog or on twitter.
 

Read More

June 2015: the Month in Email

Happy July! We are back from another wonderful M3AAWG conference and enjoyed seeing many of you in Dublin. It’s always so great for us to connect with our friends, colleagues, and readers in person. I took a few notes on Michel van Eeten’s keynote on botnets, and congratulated our friend Rodney Joffe on winning the prestigious Mary Litynski Award.
In anti-spam news, June brought announcements of three ISP-initiated CAN-SPAM cases, as well as a significant fine leveled by the Canadian Radio-television and Telecommunications Commission (CRTC) against Porter Airlines. In other legal news, a UK case against Spamhaus has been settled, which continues the precedent we’ve observed that documenting a company’s practice of sending unsolicited email does not constitute libel.
In industry news, AOL started using Sender Score Certification, and Yahoo announced (and then implemented) a change to how they handle their Complaint Feedback Loop (CFL). Anyone have anything to report on how that’s working? We also noted that Google has discontinued the Google Apps for ISPs program, so we expect we might see some migration challenges along the way. I wrote a bit about some trends I’m seeing in how email programs are starting to use filtering technologies for email organization as well as fighting spam.
Steve, Josh and I all contributed some “best practices” posts this month on both technical issues and program management issues. Steve reminded us that what might seem like a universal celebration might not be a happy time for everyone, and marketers should consider more thoughtful strategies to respect that. I wrote a bit about privacy protection (and pointed to Al Iverson’s post on the topic), and Josh wrote about when senders should include a physical address, what PTR (or Reverse DNS) records are and how to use them, testing your opt-out process (do it regularly!), and advice on how to use images when many recipients view email with images blocked.

Read More