ARIN Fraud Reporting Results - 2025 [Archived]

OUT OF DATE?

Here in the Vault, information is published in its final form and then not changed or updated. As a result, some content, specifically links to other pages and other references, may be out-of-date or no longer available.

First Quarter Investigation Results

ARIN received 81 fraud reports in the first quarter of 2025.

  • 79 reports involved things outside the scope of ARIN’s fraud process, such as hacking/phishing and other activity by end users. We informed these reporters that ARIN cannot investigate this activity.
  • 1 report concerned a potentially compromised ARIN account. The associated registrations were determined to be abandoned and were made inactive.
    • Ticket: 20250204-F7691
  • 1 report concerned unauthorized use of IPv6 transition space. We could not confirm, but sent a warning and the account was flagged for followup if and when additional IPv6 transition space is requested.
    • Ticket: 20250305-F7729

Second Quarter Investigation Results

ARIN received 43 fraud reports in the second quarter of 2025.

  • 40 reports involved use by end users such as hacking, spam, and phishing that are outside the scope of ARIN’s fraud reporting process. We informed these reporters ARIN could not act on their reports.
  • 1 report involved stale reassignment information. The stale information was removed.
    • Ticket: 20250403-F7752
  • 1 report involved nonfunctional contact information. We confirmed the contact information was nonfunctional and locked the account to ensure we obtain functional contact information.
    • Ticket: 20250309-F7732
  • 1 report involved unauthorized out-of-region use. We were unable to confirm, but sent the organization a warning and flagged for follow-up if and when additional resources are requested.
    • Ticket: 20250619-F7789

Third Quarter Investigation Results

ARIN received 49 fraud reports in the third quarter of 2025.

  • 37 reports involved use by end users such as hacking, spam, and phishing that are outside the scope of ARIN’s fraud reporting process. We informed these reporters ARIN could not act on their reports.

  • 1 report involved reserved IPv4 space to facilitate IPv6 transition space not being used for IPv6 transition. Our investigation is ongoing.

    • Ticket: 20250810-F7820

  • 1 report involved reserved IPv4 space to facilitate IPv6 transition space that was reallocated to another organization. The reallocation was removed.

    • Ticket: 20250810-F7821

  • 5 report involved unauthorized routing. In all 5 cases, the routes were withdrawn and no additional action was needed.

    • Tickets: 20250719-F7807, 20250706-F7797, 20250719-F7806, 20250728-F7815, 20250915-F7840

  • 1 report involved invalid registration information. ARIN was unable to verify the information was invalid.

    • Ticket: 20250725-F7813

  • 1 report involved reassignments being made without appropriate justification. ARIN was unable to verify any policies were violated.

    • Ticket: 20250826-F7829

  • 1 report involved out of region use of ARIN resources. Our investigation is ongoing.

    • Ticket: 20250920-F7844

  • 2 reports involved creation of unauthorized ROAs. In both cases the unauthorized ROAs were removed.

    • Tickets: 20250905-F7837, 20250906-F7838

OUT OF DATE?

Here in the Vault, information is published in its final form and then not changed or updated. As a result, some content, specifically links to other pages and other references, may be out-of-date or no longer available.