ARIN Fraud Reporting Results - 2022

First Quarter Investigation Results

ARIN received 47 fraud reports in the first quarter of 2022.

  • Of the reports received, 41 involved matters such as abusive activity by users of ISPs that are outside the scope of ARIN's fraud reporting process. No action was necessary.
  • Three involved unauthorized routing of IP addresses. In one case, we provided details of the previous registrant of those IP addresses. In the second case, we provided suggestions on using the IRR and RPKI to publish routing information to prevent hijacking. In the third case, we provided contact details for the upstream networks to assist in contacting the network that may have been responsible for the hijacking.
    • Ticket Numbers: ARIN-20220114-F3512, ARIN-20220113-F3511, ARIN-20220221-F3532
  • One involved a potential hijack of an ASN. The record was locked to prevent a hijack attempt.
    • Ticket Number: ARIN-20220210-F3528
  • One involved law enforcement unable to contact a registrant regarding a potential criminal matter. We provided contact information for the registrant's upstreams and suggested they contact the upstreams to find/contact the registrant.
    • Ticket Number: ARIN-20220314-F3543
  • One involved a user who believed an ARIN Online account had been created but was unable to find it. We found no record of an ARIN Online account for the user.
    • Ticket Number: ARIN-20220328-F3554

Second Quarter Investigation Results

ARIN received 42 fraud reports in the second quarter of 2022.

  • Of the reports received, 37 involved matters such as abusive activity by users of ISPs that are outside the scope of ARIN's fraud reporting process. No action was necessary.
  • Two reports were of attempted resource hijackings. One involved multiple ASNs hijacked via domain name registration; the other involved a legacy block with possibly fraudulent reassignments. Our investigation into these two reports is ongoing.
    • Ticket numbers: ARIN-20220423-F3562, ARIN-20220512-F3571
  • One report was of erroneous contact information. A user indicated contact information should not be on a registration. We confirmed and removed the stale contact information.
    • Ticket number: ARIN-20220526-F3578
  • One report was of fraudulently obtained resources in order to use IPv4 addresses for leasing. We investigated but were unable to confirm any were fraudulently obtained.
    • Ticket number: ARIN-20220531-F3583
  • One report involved a possibly stale registration record. The report indicated the listed organization no longer existed. We reviewed and determined no action was needed
    • Ticket number: ARIN-20220607-F3588

Third Quarter Investigation Results

ARIN received 56 fraud reports in the third quarter of 2022.

  • Of the reports received, 52 involved matters such as abusive activity by users of ISPs that are outside the scope of ARIN's fraud reporting process. No action was necessary.
  • One report involved a possibly unjustified transfer, We reviewed and determined no action was necessary.
    • Ticket number: 20220718-F3610
  • One report involved attempted unauthorized routing of resources. We reviewed, determined stale Whois records were involved, and removed the stale records.
    • Ticket number: 20220801-F3617
  • One report involved improper use of Reserved IPv4 Space for IPv6 Deployment space. We reviewed and could not confirm. We will review again if additional resources are requested.
    • Ticket number: 20220821-F3629
  • One report involved unauthorized creation of ROAs. We confirmed and removed the ROAs.
    • Ticket number: 20220922-F3650