CleanDNS supports the principles of the Framework to Address Abuse (also known as the DNS Abuse Framework). The framework defines five categories of abuse as follows:
Malware is malicious software, installed on a device without the user’s consent, which disrupts the device’s operations, gathers sensitive information, and/or gains access to private computer systems. Malware includes viruses, spyware, ransomware, and other unwanted software.
Botnets are collections of Internet-connected computers that have been infected with malware and commanded to perform activities under the control of a remote administrator.
Phishing occurs when an attacker tricks a victim into revealing sensitive personal, corporate, or financial information (e.g. account numbers, login IDs, passwords), whether through sending fraudulent or ‘look-alike’ emails, or luring end users to copycat websites. Some phishing campaigns aim to persuade the user to install software, which is in fact malware.
Pharming is the redirection of unknowing users to fraudulent sites or services, typically through DNS hijacking or poisoning. DNS hijacking occurs when attackers use malware to redirect victims to [the attacker’s] site instead of the one initially requested. DNS poisoning causes a DNS server [or resolver] to respond with a false IP address bearing malicious code. Phishing differs from pharming in that the latter involves modifying DNS entries, while the former tricks users into entering personal information.
Spam is unsolicited bulk email, where the recipient has not granted permission for the message to be sent, and where the message was sent as part of a larger collection of messages, all having substantively identical content.
To read the full framework as of May 2020 version of this framework, click here.
At this time, in order for CleanDNS to act on an abuse report, the report must fall into one of these categories and have adequate evidence supporting it.