How do I report abuse of AWS resources?
Last updated: 2020-04-30
I suspect that Amazon Web Services (AWS) resources are used for abusive or illegal purposes. How do I let AWS know?
The AWS Abuse team can assist you when AWS resources are used to engage in the following types of abusive behavior:
- Spam: You are receiving unwanted emails from an AWS-owned IP address, or AWS resources are used to spam websites or forums.
- Port scanning: Your logs show that one or more AWS-owned IP addresses are sending packets to multiple ports on your server, and you believe this is an attempt to discover unsecured ports.
- Denial-of-service (DoS) attacks: Your logs show that one or more AWS-owned IP addresses are used to flood ports on your resources with packets, and you believe that this is an attempt to overwhelm or crash your server or the software running on your server.
- Intrusion attempts: Your logs show that one or more AWS-owned IP addresses are used to attempt to log in to your resources.
- Hosting objectionable or copyrighted content: You have evidence that AWS resources are used to host or distribute illegal content or distribute copyrighted content without the consent of the copyright holder.
- Distributing malware: You have evidence that AWS resources are used to distribute software that was knowingly created to compromise or cause harm to computers or machines on which it is installed.
If you suspect that AWS resources are used for abusive purposes, contact the AWS Abuse team using the Report Amazon AWS abuse form, or by contacting email@example.com. Provide all the necessary information, including logs in plaintext, email headers, and so on, when you submit your request.
Note: The AWS Abuse team doesn't open attachments under any circumstance. You must provide any necessary information in plaintext.
For faster resolution, it's a best practice that you send all cases containing amazonses.com in the header to firstname.lastname@example.org. You can continue to send all other reports to email@example.com.
Note: firstname.lastname@example.org uses an automated system, so you don't receive a response.
The AWS Abuse team may forward log details as-is, but they do not forward personally identifying information unless those details are required for the investigation, or unless explicit permission is given to do so.
Note: AWS Support can't assist with reports of abuse or questions about notifications from the AWS Abuse team. If you have questions for the AWS Abuse team, reply directly to their email.