Abuse Desk Policies and IP Reputation Management

So what are the most common abuse types on today’s internet?

According to Tobias, anything that has the possibility to make even a little bit of money is bound to be abused. And it can be anything from small abuse to terrorism, child exploitation, and other heavy misdemeanors.

“Everything leaks, there’s no network that has never had a problem. What’s most important is to be reactive and handle this fast. And that is our goal at Abusix – to make sure when someone figures out something illegal is happening, their path to protect, package and report that data to the right place is as simple as possible.

“It is essential to cut down the return on investment for the bad guys, by reacting and solving abuse cases as fast as possible, and being upfront with it. If they don’t benefit from it, their actions are likely to diminish, “ said Tobias.

As highlighted by abuse prevention specialists at IPXO, much of today’s abuse is tied to current world events. For instance, cybercriminals exploit global crises by launching phishing campaigns around geopolitical conflicts, energy shortages, or climate-related disasters, tricking people with fake relief efforts or fraudulent investment schemes.

“We have to keep in mind that it is not always about volume, and sometimes we have to look for the needle in the haystack. You can be receiving thousands of reports every day and missing out on one that is crucial. So that’s where Abusix comes in, helping out to filter what really matters, even if it is not the largest in size,” stated IPXO specialists.

How to reduce spam and abuse cases in your network

No one can fully protect their network against abuse. If it’s on the internet – you can break it. The main point is not to avoid it entirely, but to react to it as quickly and effectively as possible. According to Laura, we have to answer two main questions: how can the service I’m providing be used to hurt people, and how could this be utilized in a way that could be harmful to society as a whole? The answers will help us set our business compliance and legal boundaries.

When you’re setting compliances and thinking about where your line is, understand it has to come from your company values. Even if it is legal, you don’t have to allow it if it goes against your principles.

It is common for companies to not pay attention to what their strategy is. Decisions become especially hard when you have a high paying customer, that may not fit your values at all, but you waver due to the money they bring.

“You know, sometimes abuse is accidental. You get a customer who decides that they’re going to upload their entire address book and send out mail, which turns into a big spam problem. Or you have somebody who is just getting started and went to a marketing seminar and discovered that they could buy a list of email addresses. So they do that, and they don’t realize that that’s spamming because this is a targeted list of email addresses. So sometimes it really is accidental, and sometimes it’s very deliberate, taking snowshoe spamming as an example, which is a deliberate way to get around filters,” says Laura.

It is vital to not only get rid of the customers that cause you issues straight away but to evaluate their abuse, see if it was intentional, build a relationship and teach them the right ways.

Take care of abuse or take care of the consequences

Whatever kind of an online service we run, we have to be able to stop the abuse coming out, or we risk consequences. And the results can range from getting your IPs blocked, to having your upstream cut you off. Or even having to deal with the negative press, ending up in the media, because you unknowingly allowed people to put abuse material online.

Take for example the 2024 US elections and their aftermath. Major platforms like X (formerly Twitter), Facebook, and TikTok faced intense scrutiny over the spread of disinformation, deepfakes, and AI-generated content. Many experts suggested that platforms should have deployed an AI text detector to identify and flag machine-generated content before it could spread further, as critics questioned how much harmful material was being amplified and how effectively false claims by public figures were being addressed, even as platforms get better at humanize AI to make it more natural and trustworthy.

They had to make tough decisions, as to whether or not to hide that data, put a warning label on that data or just let it be. Whatever decision they would have made, they would be criticized all across, from a wide range of folks.

“As an abuse professional, I understand some of the things that they’re struggling with: do you refrain from allowing the President of the United States from being on your network because he is lying? But he’s the President and there’s this understanding that the president deserves to have a platform in and deserves to be able to communicate with the citizens of the US and with the world,” claimed Laura.

There’s no one right way to identify or handle abuse. You have to keep in mind that you’re never going to be able to stop it all.  No matter how well you write all your policies, you’re going to fail occasionally, and you have to be okay with that.

Some people will do whatever they can to break things just because they find it fun or entertaining. Fortunately, likewise, some people would never even consider doing anything wrong, and they make our jobs easier.

We want to thank Tobias Knecht, CEO and Founder of Abusix, and Laura Atkins, Co-Founder and Partner at Word to the Wise, for joining our recent discussion.

If you want to hear more from our experts, watch the full webinar video below