According to figures provided by cleantalk.org, the size of their database of spam-related IP addresses is roughly 20 million. Of these, about 2 million have been active in the last two weeks (as of November 2018). The number of daily updates to this list consist of roughly 40-60 thousand new IP addresses. This huge amount of spam activity leaves a deep mark on the web, with spam flooding our inboxes, the comment sections of websites like blogs, forums, boards, news websites, etc.
The Spam Problem
Armies of spammers and spambots actively register on websites to get access to the ability to place comments. Obviously, in the process of doing so, many websites ask for a minimal number of details, including email addresses. Spam generators usually reuse a limited number of email accounts for registration on multiple platforms, leading to them being reported to the corresponding monitoring services. The same is true about the IP addresses from which spam activity or certain kinds of attacks are launched.
Obviously, being able to check these two types of data coming from the users (IPs and emails) allows to quickly distinguish ill-intentioned entities from the real users of the website. In order to be able to routinely check email addresses or IPs for spam activity one needs to have either manual or automatic access to the most up-to-date records (this is especially relevant considering how fast old IPs are replaced by new ones). These detailed records have to be assembled from reports generated by the monitoring services or individual users.
Fraudulent Activity And Cybernetic Attacks
It is worth noting that many of the IPs or emails are associated with fraudulent activity and attacks of other kinds:
- HTTP Get Flood;
- HTTP Head Flood;
- TTP Post Flood;
- HTTPS Flood & DoS;
- fraudulent use in financial transactions.
Consequently, the implications can be much greater than simply being annoyed by spam. Thus, in a DoS attack (Denial of Service), hundreds and thousands of accounts registered by such fake users might be accessed simultaneously to effectively overload the servers and disrupt the functionality of the site (theoretically, can be of use for the competition or for blackmailing hackers).
With regard to financial fraud, the emails and IPs can serve as an additional layer of verification along with more traditional and complex means (e.g. credit card verification). In case the latter does not detect the fraud and the former does so, it can serve as a serious red flag to halt any financial transactions with the user and ask for additional verification.
In the light of the above mentioned, the utility of verifying emails and IPs becomes obvious both for blocking spam and for preventing fraudulent activity on your website. By contracting the services of a company who offers real-time verification of these two according to a comprehensive and actualized database, the website visitors would experience no delay whatsoever.