Hey everyone! I'm curious if you take the time to report malicious actors to their hosting or SaaS providers. I often find this comes into play when we're dealing with incidents like successful phishing attacks. This includes reporting mail servers, web hosting used for attacks, registrar abuse addresses, and services involved in denial-of-service attacks. What's your approach?
6 Answers
I usually report them, especially if they're beyond Cloudflare because they tend to take action. It's not always guaranteed, but it’s worth a shot.
I consider it case by case. If there's an attempt to spoof our business domain, like a similar-looking domain name, I report that without hesitation.
It really depends. Sometimes I'll look into it if I’m bored or if the ASN name catches my interest; it can be fun to dig around.
I always report. Although responses can be lacking, one successful takedown can disrupt an ongoing campaign. I've automated my reports to save time during active incidents.
I do report them, but honestly, the response rate is pretty poor. Still, it’s better than doing nothing.
I generally only report enough to mitigate the threat. If a phishing email comes through, I focus on getting the links taken down or the email addresses suspended. Better to strike where it hurts!
Related Questions
Can't Load PhpMyadmin On After Server Update
Redirect www to non-www in Apache Conf
How To Check If Your SSL Cert Is SHA 1
Windows TrackPad Gestures