You are here: Home > Manage IPs and ASNs > RIPE Database > FAQ: RIPE Database > FAQ: Hacking & Spamming > What can I do about spam/hacking?

What can I do about spam/hacking?

Once you have identified which IP address is being used to send abuse, you can use RIPEstat's Abuse Contact Finder to search for contact information so that you can report the abuse to the appropriate person. This tool relies on data contained in the RIPE Database and will return the abuse contact found in the "abuse-c:" attribute for a resource, if such contact information exists.

abuse example

If no abuse contact exists for the queried IP address, RIPEstat will automatically search related objects for potential abuse contacts.

Reporting the abuse

Keep in mind that the email address(es) listed may be for contact people at an Internet Service Provider, and they may not be aware that somebody is using their network in this way. They will require details of the abuse so they can investigate it further.

In case of spam or phishing, forward a copy of the spam/phishing email, including the full header. In case of hacking, include as much relevant information as possible to make it easier for the ISP to locate and deal with the abuser:

  • Explain the situation and why you think it's an abuse case
  • IP address responsible for the abuse
  • Date and time (including time zone) the abuse took place
  • Log file of the attack generated by your firewall, if possible