14 DAY TRIAL // Verizon has some explaining to do because a recent report from The Spamhaus Project has pointed the finger at the company and accused it of aiding cybercriminals by routing over four million IP addresses through its network.
The Spamhaus Project is an international non-profit organization that in the last years has maintained a spam blacklist and also collaborated with law enforcement agencies to track down spammers and some of the Internet's spam operations.
As Spamhaus representative Barry Branagh explains, the recent depletion of the IPv4 address block has forced cybercriminals to steal IP ranges from the IP pools of companies that don't use them, or haven't gotten around to setting up routes for those IPs.
"Setting up a route" is when an ISP tells other ISPs that a particular IP address block can be found on its servers. While spammers have found it quite easy to steal or buy IP blocks from the black market, to set up a route, they usually need to register as an AS (Autonomous System) and receive an ASN (Autonomous System Number).
Verizon doesn't vet ASs that want to route IP addresses on its servers
Because of Verizon's relaxed ASN setup process, cybercriminals have found it quite easy to submit forged documents to the company and have it route their stolen IP lots through their servers.
Using this approach, Mr. Branagh says that over 4 million IP addresses have been routed through Verizon's network, which were later used to spam users via the "snowshoe approach." With this technique, spammers use multiple addresses, in various locations, to send spam email to their victims.
The technique makes it harder for organizations like Spamhaus to identify and track down larger spam campaigns while also keeping down the spammy traffic coming from one single IP address, thus avoiding getting blacklisted after a few thousand emails.
Verizon hasn't been playing nice with Spamhaus
"It seems very strange that a large US-based ISP can be so easily convinced by abusers to route huge IP address blocks assigned to entities in the Asian-Pacific area," said Mr. Branagh. "Such blocks are not something that can go unnoticed in the noise of everyday activity. They are very anomalous, and should call for an immediate accurate verification of the customer."
The Spamhaus official also claims that Verizon doesn't seem to care. He adds that, since July 2015, his organization's representatives have exhausted any method of getting in contact with Verizon and its numerous departments, with its Abuse and Security employees, and even with some high-ranking managers.
Additionally, the Chinese and Korean companies from where most of these IP addresses were stolen seem to be defunct, don't understand the issue, or are controlled by the spammers or their conspirators.
While Verizon's representatives might have been unresponsive to Spamhaus' numerous complaints, legally, the company is facilitating cybercrime, and it may have some explaining to do when law enforcement agencies come knocking.
We've reached out to Verizon for comment.