What should I do if the security of my Certified IP address has been compromised?

A security compromise not only poses a risk to your Certified IP address but could negatively affect your business and brand image. 

You should follow these guidelines if the security of your Certified IP address has been compromised: 

  1. Immediately contain and limit the exposure. 
    • If the security breach can be traced to a specific computer, remove it from the network and clean it using anti-virus software. 
    • Disable connectivity between the area involved with the compromise and your email sending system. 
    • If a specific user account was compromised, change all applicable passwords. 
    • Monitor traffic across all IP addresses and servers. 
  2. Alert all necessary parties of the compromise. This may include an internal security team or IT department, the email software vendor, or the email service provider (ESP). 
  3. Identify the weaknesses in your security system and take steps to strengthen it to prevent further spam from being sent from your IP address. 
    • Depending on the results of your investigation in identifying the root cause of the security breach, Return Path can provide recommendations on how to fix the issues. 
  4. If the compromise constitutes a potential criminal case, notify the appropriate law enforcement agencies as well as whether external notifications are required. 
Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request