[ARIN-Suggestions] One New Suggestion Received

[ARIN]

One new suggestion has been received (2023.9). You may find the new suggestion and link in full below. 

Regards, 

American Registry for Internet Numbers (ARIN) 

---------

ACSP Suggestion 2023.9: Require ARIN Online account to view Points of Contact in Whois
https://www.arin.net/participate/community/acsp/suggestions/2023/2023-09/

Author: Sam Dibrell   

Description: Protect POC contacts from harvesting and abuse by malicious third parties

Protecting ARIN POC email addresses from harvesting by malicious third parties can be accomplished by requiring an ARIN user account to view the POC email address. Logging of POC email address views can then provide insight as to which user accounts are harvesting large amounts of contact information. Making logs available to POCs of registered users which viewed POC contact information, when cross referenced to malicious email campaigns to POC email addresses, can assist in identifying malicious users.

Requiring an ARIN account adds an initial layer of protection, as it moves the bar closer to only authorized individuals with legitimate reasons accessing POC email addresses. However, if this step alone doesn’t effectively deter harvesting practices, providing access logs to POC contact information can serve as an additional deterrent. These logs would allow POCs to monitor and track which user account accessed POC contact information, creating accountability and discouraging improper use. By combining these measures, ARIN strengthens the security of POC email addresses and increases the transparency and traceability of interactions, thereby reducing the risk of harvesting by malicious entities and enhancing overall privacy and protection for the ARIN community.

Value to Community: Protecting point of contact (POC) email addresses from being harvested and exploited by spammers and scammers is of immense value to the ARIN community. By implementing protective measures, ARIN reduces the bandwidth and resource loss caused by spam and scams. Email harvesting techniques employed by malicious actors lead to an influx of unsolicited emails, spam, phishing attempts, and fraudulent activities. This not only consumes valuable network bandwidth but also wastes resources, including time and effort, in dealing with and mitigating these threats. By safeguarding POC email addresses, ARIN ensures that its members can allocate their resources efficiently, focus on legitimate activities, and maintain a secure and productive Internet environment.

Timeframe: Not specified