This is a broad question – I am just learning more about cyber security. I was curious how companies that implement ip verification / reputation tools to mitigate risk (fraud, etc) deal with the growth of vpn usage by the general public for their own needs. Nordvpn, mcaffee, HMA, MULLVAD are growing I wonder how this has impacted mitigating risk based off ip reputation?
In the past I’ve made the mistake of purchasing an item with a ip that apparently had a bad reputation for some sort of abuse. More recently, my father applied for a loan on a vpn, which he basically set and forgot. He’s not digitally native so he gets a pass but I’m sure this impacts their decision making and threat analysis of an applicant.
I guess my question is – where are we at with using ip reputation to identify bad actors vs potential false positives like my father? Is it too early to go 100 percent with a vpn, at the router level, or have we moved past ip rep as a major factor.
TIA.