Internet Crime is a business. Every Business has its own business model. Identity Theft, Phishing, DDoS attacks, spam and all the other versions and combinations are still a lucrative business. But why is that?
It’s still way too easy.
Security Can Be Complicated
Security is multi-layered and sometimes it's just impossible to keep systems and users secure. Especially in environments where the end-user has most of the control and the smallest experience with security.
It’s the 16-year-old high school student running a game server, the cupcake shop around the corner having a new website based on any popular CRM system or mom and dad's home computer. Even security experts are not 100% secure.
Since we are spending a lot of time and effort to secure our own systems and our users' systems, we completely forget what we are going to do with the systems that have been compromised. We enter in to a state where modern security software cannot do a whole lot or it has been deactivated by the malware.
Abuse Handling Is An Immune System
Think about it from this perspective: you take your vitamins every day and get your vaccination every year. You're eating healthy and staying active. As soon as you get sick, then what happens? Your body is now a compromised, fragile system. Your immune system goes down and nobody is taking care of you to get you in better shape again.
These compromised systems are used to spam, attack, host phishing, or malware and by that, harm your users, your infrastructure, and your reputation. They cost money for additional customer support, traffic, being blacklisted, and much much more. And even worse, these compromised systems attack your infrastructure from within and can cause a large amount of different problems.
So if you only take care preventing incoming attacks, you're leaving a huge surface open for potential compromise.
Enter The Abuse Desk
This is exactly where an abuse desk or Customer Trust and Safety Department comes into place.
Detecting compromised systems within your infrastructure by using external and internal data sources. Analyzing the problems and starting a real mitigation process hand-in-hand with your customers to resolve the problem. Take away control from criminals misusing your infrastructure and your users's infrastructure to steal money and other important things from them.
Working abuse reports in a pragmatic and steady way will decrease the attacks and threats your infrastructure is facing and increases the health of your networks, systems, and users.