Behind the scenes, Abuse Manager and Scamadviser

Behind the scenes, Abuse Manager and Scamadviser

As mentioned in a recent press message and our latest vLog, iQ has recently implemented Scamadviser as one of the abuse sources in our feed. As this source differs quite a bit from the sources we usually implement, we thought a behind-the-scenes explanation was in order.

To explain what is so different about Scamadviser, a basic tutorial on the Abuse Manager feed is the place to start. 

One of the core pillars in iQ Abuse Manager is that the service offer curated abuse sources, which are continuously monitored for freshness and quality. These sources then make up the Abuse Manager feed.

The traditional source will supply our feed with domain names that have been reported for abusive behavior, in most cases together with a set of additional information to support the claim. The most basic example is a category of abuse, like phishing or malware, and a URL to the offensive material.

Now, Scamadviser does not fit into this box as they, for the most part, do not report an actual case of abusive behavior, but instead, they use an algorithm to calculate how likely it is that a domain name is doing something bad, which they then share with us.

However, there are exceptions to this rule. If Scamadviser gets a validated report from one of their trusted partners, they will give the domain name a specific Trust Score. In fact, the lowest one possible, which is not achievable any other way. 

So, when we set out to integrate Scamadviser as a source, we had to think long and hard about how to do this. In the end, we selected to integrate Scamadviser as two sources. 

The Scamadviser source reports on humanly vetted occurrences of a scam and is marked as such in Abuse Manager. This is a source that is enabled per default for all Abuse Manager customers and works just as any other source. 

The second source, called Scamadviser Trust Score, is a little more unorthodox. This source is not enabled as default for Abuse Manager customers but can be turned on with no additional costs. 

Screenshot 2021-03-05 at 17.18.19.png

As mentioned above, turning on this source will not create cases for you based on reported abusive behavior, but instead, based on how likely the Scamadviser algorithm thinks it is that a domain name is doing something bad, most likely a fake web shop, scam or alike.

Alongside turning the source on, there is an option to select which trust score level the customer would like to have a case created. Customers can pick from the values below 50, below 40, below 30, below 20, and below 10. Now, as most of you won't be familiar with the Scamadviser Trust Score, here is a quick and dirty explanation. Trust Score is a value from 1 to 100. 

The more positive bits of data Scamadviser finds regarding a domain name, the higher the Trust Score, and the more negative bits of data they see, the lower the Trust Score. Take iq.global, for example, which has been scanned by Scamadviser and granted the Trust Score of 100 due to the overall positive bits of data found. 

Another domain name might have a Trust Score of 70, which is still rather high. However, when you get below 50 in Trust Score, the risk of the site doing something bad start to go up. This is why we have chosen to enable our customers to pick for themselves at what Trust Score they want to be notified. 

For example. as of today's blog post (5 March 2021) there are:

  • 71,773 reports of domain names below the Trust Score of 50
  • 43,734 reports below the Trust Score of 40
  • 24,978 below the Trust Score of 30
  • 12,196 below the Trust Score of 20
  • And finally 4,057 number of reports below the Trust Score of 10.

So, the lower you set the number, the lower amount of cases will potentially open up for you. 

Any customer that wants to use the Scamadviser Trust Score source should try finding the sweet spot of where you want to be in order to find the abusive domain names without getting too many legit domain names in your results.

In this source, we don't talk about false positives, but rather how close you have come to getting just the right reports for you to act on, based on which trust score will yield a case in Abuse Manager.

Now, all this being said, Scamadviser Trust Score is not for everyone, but for customers that want to root out as much abusive behavior as possible among their domain names; this is one more very useful tool. 

Finally, we need to mention that the Scamadviser source only contains domain names that have been actively scanned. If you want to make that all your domain names are scanned, you should contact us and ask for a full scan of your domain names. This can be done as a one-time thing, as a monthly, quarterly, or yearly occurring scan, and is associated with an additional cost above the monthly Abuse Manager fee. 

Subscribe to our newsletter