Abuse reporting and acceptable use
Thalassa Cloud expects all customers to use the platform lawfully and responsibly. We investigate reports of abusive activity and take action when workloads on our infrastructure harm others, violate applicable law, or breach our terms of service.
This page explains what we consider abuse, how to report it, and what happens after a report is received.
Reporting abuse
If you believe abusive activity is originating from an IP address, domain, or service hosted on Thalassa Cloud, submit a report to Thalassa Cloud support.
Include as much detail as possible so we can investigate quickly:
| Information | Detail |
|---|---|
| Date and time | When the abusive activity occurred (with timezone) |
| Source indicators | IP addresses, domain names, URLs, email headers, or hostnames involved |
| Activity type | Spam, phishing, malware distribution, brute-force attacks, copyright infringement, or other — see categories below |
| Evidence | Log excerpts, email headers, packet captures, screenshots, or other supporting material |
| Impact | How the activity affected you or your systems |
| Your contact details | Name, organisation, and email address so we can follow up if we need clarification |
We aim to acknowledge abuse reports promptly and investigate valid reports without undue delay. Response times depend on severity — active malware distribution and ongoing attacks are prioritised over historical spam complaints.
Do not include passwords, private keys, or other secrets in abuse reports. If you need to share sensitive evidence, mention this in your report and we will arrange a secure transfer method.
Categories of abuse
| Category | Examples |
|---|---|
| Spam and unsolicited email | Bulk email sent without recipient consent, email relay abuse, snowshoe spam |
| Phishing and fraud | Deceptive sites or emails designed to steal credentials, payment fraud, impersonation |
| Malware and botnets | Hosting or distributing malicious software, command-and-control infrastructure, cryptomining malware |
| Network abuse | Port scanning, brute-force attacks, intrusion attempts against third parties, open resolvers used for amplification |
| Denial of service | DoS or DDoS attacks launched from Thalassa Cloud infrastructure against external targets |
| Illegal content | Content that violates applicable law in the Netherlands or the European Union |
| Intellectual property | Copyright or trademark infringement where a valid legal notice is provided |
| Resource abuse | Attempts to bypass platform quotas, rate limits, or fair-use policies in ways that degrade service for others |
If you are unsure whether an activity qualifies, submit a report with the available evidence. Our abuse team will assess it.
Customer responsibilities
As a Thalassa Cloud customer, you are responsible for all activity originating from resources in your organisation. Under the shared responsibility model, securing your workloads against compromise is your obligation.
You must not use Thalassa Cloud to:
- Send spam or operate open mail relays
- Host phishing pages, fraud sites, or deceptive content
- Distribute malware or operate botnet infrastructure
- Attack third-party systems — including denial-of-service attacks, port scanning of external networks, or credential stuffing against services you do not own
- Violate applicable law or infringe the rights of others
- Attempt to bypass platform limits or degrade shared infrastructure for other customers
Monitor your workloads for signs of compromise — unexpected outbound traffic, unfamiliar processes, or resources you did not provision. Compromised accounts and instances are a common source of abuse reports.
How we respond
When we receive a credible abuse report, we typically:
- Investigate — Correlate the report against platform logs, network telemetry, and the identified resources
- Notify the customer — Contact the organisation that owns the affected resources, except where law enforcement involvement or immediate action requires otherwise
- Request remediation — Ask the customer to remove abusive content, patch compromised systems, or correct misconfigurations within a defined timeframe
- Take protective action — If remediation does not occur, or the abuse poses immediate harm, we may suspend network access, isolate resources, or disable accounts to protect other customers and the platform
- Escalate — Refer matters to law enforcement or regulatory authorities where required by law or where criminal activity is evident
We may suspend or terminate accounts that repeatedly generate abuse reports or that fail to remediate after notification. Serious or deliberate abuse may result in immediate suspension without a remediation window.
Security testing vs abuse
Authorised security testing of your own workloads is permitted with advance notification. Security tests that generate traffic against third parties, flood shared infrastructure, or bypass platform limits are treated as abuse regardless of intent.
If you are a security researcher who discovered a vulnerability in Thalassa Cloud platform infrastructure — not in a customer’s misconfiguration — report it through support. See Security assessments.
Law enforcement and legal requests
Thalassa Cloud complies with valid legal requests from Dutch and EU authorities. Law enforcement agencies can contact Thalassa Cloud support with official correspondence. We verify the legitimacy of requests before disclosing customer information or taking action.