I'm "deemed suspicious" when I access Google, Microsoft or Twitter and I have no idea why. Why?

My setup:

A MacBook that dual-boots into Linux Mint (I usually browse the internet in Chrome or Firefox on that) and Mac OS X (browsing in Chrome for Mac, or Safari).
Both my Linux and Mac OS X partitions are as far as I know clean (I keep both OS's and their programs always up-to-date, and use fire-walls etc.)
Repeatedly cleaning my full browsing, cookie, LSO, history, passwords etc. etc. (the full) browser history hasn't helped.
I'm internet browsing from home, with a connection with a static IP.

The problem:

When I access www.google.com, I get "Our systems have detected unusual traffic from your computer network. This page checks to see if it's really you sending the requests, and not a robot." What is it that I can't access Google and it thinks I'm not human!
Recently, I signed up to Twitter for the first time, and after clicking on the confirmation link in the confirmation e-mail, I got an error screen by Twitter that said "We detected unusual activity from you." and yet again prompting me to confirm I'm human, and to give my phone number (I don't want to, I have a perfectly valid and working e-mail adress for that!)
I have a Microsoft (specifically, outlook.com) e-mail address, and when I try to sign in to that, I get "There's unusual activity from your account, blah-blah-blah suspicious activity blah-blah-blah you're not human"... And I can't sign into it.

What on earth is it that I'm always accused of being non-human.

To make it absolutely clear: I'm NOT engaged in any illegal activities whatsoever of any kind.

user708103

Posted 2017-03-16T10:49:02.090

Reputation: 41

1This usually happens if you use a vpn or Tor: the ips they provide often become blacklisted. You should first ascertain the ip you're showing, and then check it against reputation lists. If it turns out you are actually using the static ip given to you by your isp and it has a bad reputation, you should ask the isp to give you a clean one or work yourself with the reputation lists' maintainers to have it removed. – simlev – 2017-03-16T10:59:01.563

Answers

It sounds to me like a device on or using your network may be compromised and doing dodgy things. (It could also be that your router is infected). Are you able to get some kind of traffic utilisation graph from your ISP and see if it matches your usage behaviour ?

davidgo

Posted 2017-03-16T10:49:02.090

Reputation: 49 152

There are several possibilities, depending on your ISP, network architecture, and query content.

First, there are a number of services that evaluate the traffic coming from entire ISPs or Autonmous Systems, or even particular public nets/subnets, and make determinations about the trustworthiness of the block of addresses as a whole. I once had to troubleshoot an issue where emails to a place across town were taking more than 24 hours. We discovered that the traffic was being routed through a network in the Netherlands that had significant hacker activity, and as such was blacklisted. This might be the case if you are using a VPN, Privacy Service, or are just unlucky enough to have subscribed to the wrong ISP.

Second, when your packets traverse the ISP network and come out on the public Internet, you can never be sure that you are the only person with sessions identified by that public IP. I took a web security class once, where we were all sharing a public IP (the training company NAT'd everything to one public address) so the preponderance of traffic related to security topics and search terms like XSS/CSRF URLs, etc. caused Google to distrust us almost immediately.

Third, note that many companies provide services for blacklisting addresses/ranges and are widely used across many platforms. Many content providers (Google/Microsoft) both provide such a service and consume other companies as well. This would explain why so many big services decided that you might be a bad actor all at once. It might be that you entered a few questionionable Google searches, and both Twitter, and MS use Google search blacklists.

There are all kinds of possibilities, and most are things you can't do much about, but you could try reaching out to the companies you are receiving these messages from, as they may be able to tell you upon what the decision was made.

Frank Thomas

Posted 2017-03-16T10:49:02.090

Reputation: 29 039