Abuse Desk Policies and IP Reputation Management

According to Tobias, anything that has the possibility to make even a little bit of money is bound to be abused. And it can be anything from small abuse to terrorism, child exploitation, and other heavy misdemeanors.

“Everything leaks, there’s no network that has never had a problem. What’s most important is to be reactive and handle this fast. And that is our goal at Abusix – to make sure when someone figures out something illegal is happening, their path to protect, package and report that data to the right place is as simple as possible.

“It is essential to cut down the return on investment for the bad guys, by reacting and solving abuse cases as fast as possible, and being upfront with it. If they don’t benefit from it, their actions are likely to diminish, “ said Tobias.

According to Anna, Abuse Prevention Lead at IPXO, a lot of abuse is connected to current world events. For example, naive people often fall for scams selling covid testing kits or vaccines, trying to protect themselves from the ongoing pandemic.

“We have to keep in mind that it is not always about volume, and sometimes we have to look for the needle in the haystack. You can be receiving thousands of reports every day and missing out on one that is crucial. So that’s where Abusix comes in, helping out to filter what really matters, even if it is not the largest in size,” stated Aistis, Director of R&D at IPXO.

No one can fully protect their network against abuse. If it’s on the internet – you can break it. The main point is not to avoid it entirely, but to react to it as quickly and effectively as possible. According to Laura, we have to answer two main questions: how can the service I’m providing be used to hurt people, and how could this be utilized in a way that could be harmful to society as a whole? The answers will help us set our business compliance and legal boundaries.

When you’re setting compliances and thinking about where your line is, understand it has to come from your company values. Even if it is legal, you don’t have to allow it if it goes against your principles.

It is common for companies to not pay attention to what their strategy is. Decisions become especially hard when you have a high paying customer, that may not fit your values at all, but you waver due to the money they bring.

“You know, sometimes abuse is accidental. You get a customer who decides that they’re going to upload their entire address book and send out mail, which turns into a big spam problem. Or you have somebody who is just getting started and went to a marketing seminar and discovered that they could buy a list of email addresses. So they do that, and they don’t realize that that’s spamming because this is a targeted list of email addresses. So sometimes it really is accidental, and sometimes it’s very deliberate, taking snowshoe spamming as an example, which is a deliberate way to get around filters,” says Laura.

It is vital to not only get rid of the customers that cause you issues straight away but to evaluate their abuse, see if it was intentional, build a relationship and teach them the right ways.

Whatever kind of an online service we run, we have to be able to stop the abuse coming out, or we risk consequences. And the results can range from getting your IPs blocked, to having your upstream cut you off. Or even having to deal with the negative press, ending up in the media, because you unknowingly allowed people to put abuse material online.

Take for example, the US elections and what’s been going on. There was a lot of heat that Facebook and Twitter took in terms of the stuff they’re letting on their platforms, and the lies they’re letting elected officials tell there.

They had to make tough decisions, as to whether or not to hide that data, put a warning label on that data or just let it be. Whatever decision they would have made, they would be criticized all across, from a wide range of folks.

“As an abuse professional, I understand some of the things that they’re struggling with: do you refrain from allowing the President of the United States from being on your network because he is lying? But he’s the President and there’s this understanding that the president deserves to have a platform in and deserves to be able to communicate with the citizens of the US and with the world,” claimed Laura.

There’s no one right way to identify or handle abuse. You have to keep in mind that you’re never going to be able to stop it all.  No matter how well you write all your policies, you’re going to fail occasionally, and you have to be okay with that.

Some people will do whatever they can to break things just because they find it fun or entertaining. Fortunately, likewise, some people would never even consider doing anything wrong, and they make our jobs easier.

We want to thank Tobias Knecht, CEO at Abusix, and Laura Atkins, Owner at Word to the Wise for joining us for the discussion.