Re: Constant Abuse Reports / Borderline Spamming from RiskIQ

[Denys Fedoryshchenko <nuclearcat () nuclearcat com>]

On 2020-04-13 17:25, Kushal R. wrote:
> From the past few months we have been receiving a constant stream of
> abuse reports from a company that calls themselves RiskIQ
> (RiskIQ.com).
>
> The problem isn’t the abuse reports themselves but the way they send
> them. We receive copies of the report, on our sales, billing,
> TECH-POCs and almost everything other email address of ours that is
> available publicly. It doesn’t end there, they even online on our
> website and start using our support live chat and as recently as
> tomorrow they I see that they have now started using Twitter
> (@riskiq_irt) to do the same.
>
> We understand these reports and deal with them as per our policies and
> timelines but this constant spamming by them from various channels is
> not appreciated.
>
> Does anyone have a similar experience with them?

If the problem of abuse legit and arises with enviable constancy, maybe 
it is time to take fundamental measures to combat abuse?
I had to block port 25 by default on some operators and create a 
self-care web page for removing it,
 with the requirement to read legal agreement where consequences stated, 
if the client start spamming.
For those who are bruteforcing other people's servers / credentials, 
soft-throttling ACL had to be implemented.
And as they wrote earlier, it’s better to kick out exceptionally bad 
customers than to destroy your reputation.