Tired of constantly dealing with sign-up spam accounts while running your business? Perhaps what you need is a robust bad actor detection policy in place. With this policy, you can effectively blacklist spam accounts, unwanted markets, and even competitors from accessing your platform.

Content

The concept behind bad actor detection (BAD) is to identify and respond to malicious activities within a network or system, preventing or minimizing the damage. This way, you could prevent spam accounts from inundating the legitimate flow of signups in your business, streamlining the approval/rejection process, and safeguarding against malicious attempts by competitors to access your processes and data. BAD involves monitoring, analyzing, and interpreting various data points to flag potential threats.

BAD can incorporate multiple layers, but for now, let’s concentrate on two: permitting access only to desired markets and thwarting competitors from infiltrating your platform.

Valid Markets:

This crucial aspect involves analyzing a list of approved markets, particularly focusing on countries with which we intend to conduct business. Utilizing Tools like IP Info allows us to track and record IP addresses following a successful signup attempt.

Competitors:

Begin by compiling a list of prohibited email domains associated with your business. This list can be hardcoded or stored in a database table for easy management of records. For instance, if we consider a finance-related platform, we aim to prevent entities such as “xxxxx@unicorns.com” from accessing our process.  

Blacklist Implementation:

Upon establishing the aforementioned layers, we develop a service to scrutinize submitted data (email address, IP address) and cross-reference it with the predefined lists. If deemed invalid, the signup data is either stored in a blacklist or marked with a flag in the user table. This comprehensive approach ensures that even if an offender attempts to register using a different email address, they will still be thwarted by the previously stored IP address, bypassing the need for extensive processing through the BAD service.

Continuous Rejection:

The final step involves implementing a validation mechanism at the top level of the logged-in user’s session, cross-referencing against the blacklist. This ensures prompt identification and removal of spam accounts, redirecting them to a designated “in review” view for further user context. 

Complete flow from the start (sign-up) where IP Info extracts IP address checks if IP is already saved in blacklist if so reject else not move to BAD and verify the data, finally validate if spam before granting full access.  

Conclusion

Implementing BAD significantly diminishes the influx of spam accounts, allowing the business to allocate resources toward potential clients rather than manually vetting each request. However, like a security measure, it’s crucial to anticipate potential flaws. Consider incorporating verification tools to address unjustified rejections, such as instances where valid market users may be traveling internationally or using VPNs. Additional layers of verification can be introduced based on the specific needs of the business, further enhancing the effectiveness of blocking mechanisms.

In my experience implementing BAD, the benefits are immense. You get to control the traffic in your product, block competitors from fetching data, and save time and money by making sure your sales team engages with potential customers.

Bibliography

IP Address are fetched by IpInfo
( https://ipinfo.io/)

Written by:

Dickson González
Sr- Software Engineer
Country: Costa Rica