nanog mailing list archives

Re: Constant Abuse Reports / Borderline Spamming from RiskIQ


From: Josh Luthman <josh () imaginenetworksllc com>
Date: Mon, 13 Apr 2020 11:29:45 -0400

Speaking of spam, I just sent a message in and got auto responses from:
chad () rankleads com
kundservice () axofinans se

Josh Luthman
Office: 937-552-2340
Direct: 937-552-2343
1100 Wayne St
Suite 1337
Troy, OH 45373


On Mon, Apr 13, 2020 at 10:53 AM Denys Fedoryshchenko <
nuclearcat () nuclearcat com> wrote:

On 2020-04-13 17:25, Kushal R. wrote:
From the past few months we have been receiving a constant stream of
abuse reports from a company that calls themselves RiskIQ
(RiskIQ.com).

The problem isn’t the abuse reports themselves but the way they send
them. We receive copies of the report, on our sales, billing,
TECH-POCs and almost everything other email address of ours that is
available publicly. It doesn’t end there, they even online on our
website and start using our support live chat and as recently as
tomorrow they I see that they have now started using Twitter
(@riskiq_irt) to do the same.

We understand these reports and deal with them as per our policies and
timelines but this constant spamming by them from various channels is
not appreciated.

Does anyone have a similar experience with them?

If the problem of abuse legit and arises with enviable constancy, maybe
it is time to take fundamental measures to combat abuse?
I had to block port 25 by default on some operators and create a
self-care web page for removing it,
  with the requirement to read legal agreement where consequences stated,
if the client start spamming.
For those who are bruteforcing other people's servers / credentials,
soft-throttling ACL had to be implemented.
And as they wrote earlier, it’s better to kick out exceptionally bad
customers than to destroy your reputation.


Current thread: