Proton

Anti-abuse and account security at Proton

Proton Mail has automated anti-abuse systems to protect against the main types of abuse that pose significant risks to the Proton community. These systems may sometimes suspend accounts for safety reasons. Below, we discuss why accounts get suspended and how suspended accounts can be restored. Proton Mail’s anti-abuse team works 24/7, and you can always reach a real person if you have an issue with your account. 

Types of abuse and security threats

For an encrypted email service like ours, three main types of abuse pose significant risks to our users:

Bulk email registrations

  • How it works: Attackers sign up for many Proton Mail addresses that they then use to sign up for other services, such as social media or e-commerce websites. Attackers then violate the terms and conditions of these other services or act abusively.
  • How it affects Proton services: Services that aren’t sophisticated at combating abuse may start blocking all accounts registered with Proton Mail, and then good users cannot use these services.

Account takeovers

  • How it works: Attackers log in to many good users’ accounts by fooling them with phishing attacks, cracking weak passwords, or using passwords that were leaked from a breached service in hopes that the user reused the same password on multiple accounts.
  • How it affects Proton services: Attackers can see the user’s encrypted data, use their data to impersonate them, take over other services linked to their email, or use their account to send spam.

Spam

  • How it works: Attackers send spam from many Proton Mail addresses to recipients on other email services.
  • How it affects Proton services: Recipients mark these emails as spam, causing the reputation of Proton Mail IPs and domains to fall and those IPs and domains to be blocklisted, leading to email delivery issues for good users.

Since Proton Mail launched in 2014, we’ve provided free and easy-to-use secure email to anyone who wants more privacy online. Our focus on privacy means that Proton Mail has to do things differently. Zero-access encryption prevents us from accessing user inboxes, and our focus on privacy means we don’t require a phone number to create an account (unlike most other email services). For this reason, we need to be more sophisticated in detecting abuse and securing Proton Mail accounts in a privacy-preserving way. To date, these systems have protected millions of members of the Proton community from the above risks.

Blocking bulk signups

Because of the risk posed by bulk email registration, Proton Mail’s terms and conditions can’t permit anyone to create large numbers of free email addresses (there are possibilities for paid users, which we discuss below). 

With over a million monthly signups, preventing bulk signups is too complex for human analysts to manage effectively. It requires automated systems that use machine learning models to cluster accounts controlled by the same actor. 

When a cluster of free accounts grows too large, the system sends an email alert to some of the accounts, warning them that this is against our Terms of Service. If this warning is ignored and the bulk account creation continues, the system will suspend all accounts in the cluster. 

As with any prediction system, there’s a tradeoff between false positives (blocking the accounts of good users) and false negatives (letting abusers create accounts). We try to minimize both, but inevitably, even though it’s rare, our system sometimes disables or blocks good users. We regret when this happens, but automated systems are required to prevent abuse that would otherwise impact good Proton Mail users.

If you’ve been impacted by our anti-abuse system and weren’t using Proton Mail for abusive purposes, please submit a report at https://proton.me/support/appeal-abuse

Our team of analysts is available to review reports 24/7. They will quickly investigate the situation and help restore your account. 

If you want to avoid such issues and support Proton in providing high-quality free services, consider upgrading to a paid account. Paid accounts can add custom domains and create multiple email addresses, including on premium Proton domains such as @pm.me. 

With multiple addresses, you can use a different one for each external service (for example, one for a social media site and another for a crypto exchange) to keep your identities private. This also allows you to disable any address at which you no longer want to receive email or spam. If you need secure email for your organization, we also have business encrypted email plans with multiple accounts, automated SMTP sending, and dedicated customer support.

If you’re the operator of an internet service and have seen abuse, such as bulk registrations or spam coming from Proton, please let us know at https://proton.me/support/report-abuse or email us at abuse@proton.me. Our team will carefully review each report, take appropriate action against abusers, and improve our systems to prevent future abuse.

Preventing account takeovers

Another reason our automated anti-abuse systems disable accounts is to protect users from having their accounts taken over. If we think an attacker has breached your account or that your account is in imminent danger of being breached, we may proactively suspend your account to prevent the attacker from getting in, at least until we can get in touch with you.

To date, Proton Mail hasn’t had any data breaches or data leaks, and we don’t ever have access to your password thanks to our use of zero-access encryption and end-to-end encryption. Still, an attacker may obtain the password of an account. This could happen if you fall for a phishing attack or reuse a password from another service that was hacked. 

To prevent account takeovers, we block accounts at risk of such attacks, which could lead to your account being disabled. If this happens to you, we might ask you to use your recovery method to change your password or get in touch with our Support team to secure your account. 

To help you monitor your account security, we built mobile push notifications to alert you of each successful login. For suspicious logins that we’re not confident enough to block, we may require a captcha or force verification through any saved recovery method. This is for your safety. Cumulatively, these defenses have reduced compromised accounts by over 80% in the last two years.

Proton is used by some of the world’s most high-profile journalists, leaders, and international organizations that are high-value targets for attackers. We strongly recommend using two-factor authentication, which adds a layer of protection to your account, and setting up a recovery phrase, which can recover data even if you forget your password.

If you are a high-profile public figure, deal with sensitive data, or think you might be a target for cyberattacks, you can take advantage of our Proton Sentinel program. It provides advanced account security, enables you to monitor login attempts more closely, and lets you speak with Proton security analysts.

If you have any issues related to account recovery or security, please contact our specialists by emailing abuse@proton.me.

Reducing spam

Proton Mail also has a sophisticated in-house system that applies similar machine-learning techniques to email, mainly to fight spam and phishing attacks. This system also includes PhishGuard, which automatically adds phishing warnings to emails that are likely spoofed or are part of a phishing attack. The system automatically learns from your feedback (for example, moving an email to spam, marking an email as phishing, or moving an email from spam to inbox) so it can quickly react to new attacks and improve its decisions if you disagree with its classifications. Our anti-spam system protects the Proton community from abuse and security threats and is at least 60% more effective than widely used spam filters such as SpamAssassin.

In addition to classifying incoming emails, this system works with our other anti-abuse systems to block bulk email registrations and outgoing spam from abusive Proton Mail accounts. Due to these systems and the global team that monitors for threats 24/7, Proton Mail has high-reputation IPs and domains that provide great email deliverability for the Proton community. If you have any issues with mail delivery or spam, please email our specialists at postmaster@proton.me.

Looking forward

Abuse is an inevitable part of the internet because wherever there is freedom and opportunity, there will be bad actors trying to take advantage. And if a service has value and is easy to abuse, it will attract more abusers, and the experience and safety of users will suffer until the service has little value. 

That’s why our fight against abuse and bad actors is a critical part of our work to support freedom and privacy on the internet.

We hope these efforts will make the Proton ecosystem the most secure and easy-to-use solution for anyone who wants to interact on the internet.
