A residential proxy is an intermediary server between individuals and websites they visit to make their connections appear to originate elsewhere. Legitimate IP addresses assigned by an Internet Service Provider (ISP) to consumers’ Internet of Things (IoT)1devices, such as TV streaming devices, digital picture frames, smartphones, tablets, and routers are used to route traffic. Once an internet-connected device is compromised, the device’s IP address can be used by threat actors to mask their online illegal activity, making the consumer appear responsible.
On March 12, the Federal Bureau of Investigation (FBI) published a Public Service Announcement (PSA) to raise awareness of residential proxies, the risks they pose, and steps the public can take to safeguard their devices from becoming part of a residential proxy network. Cyber threat actors use residential proxies to facilitate illicit activities, while obfuscating their true identities and locations by routing internet traffic through home and small business internet networks.
The FBI Alert describes:
- How criminal actors use residential proxy networks to distribute malware, engage in phishing attacks and identity theft, steal personal financial and account details, and more
- Methods used to acquire IP addresses to use in a residential proxy network, including compromised devices, partnerships with mobile app developers and VPN operators, and more
- Tips for users at home to reduce the risk of becoming part of a residential proxy networks.
Further details are available in a two part article written by executives of The Motion Picture Association and Comcast, and published by Piracy Monitor in September 2025 (Links below).
FBI recommendation
- Keep software and operating systems up to date. Installing updates as they become available can help protect your devices from being infected.
- Enforce strong device policies to prevent unauthorized devices from joining your business network.
- Utilize network segmentation. Separate your network into segments to isolate sensitive data and systems from general traffic.
- Implement firewall rules to prevent unauthorized applications and services from communicating over your network.
- Block IP addresses that are known to be associated with residential proxy networks.
Further reading
Evading residential proxy networks: Protecting your devices from becoming a tool for criminals. Alert number: I-031226-PSA. March 12, 2026. Federal Bureau of Investigation (FBI)
The criminal infrastructure hiding in plain sight: Unmasking residential proxies. Part 1. September 24, 2025. By Larissa Knapp, EVP and Chief Content Protection Officer, Motion Picture Association, and Noopur Davis, Executive Vice President, Chief Information Security and Product Privacy Officer, Comcast Corporation. Published by Piracy Monitor
The criminal infrastructure hiding in plain sight: Unmasking residential proxies. Part 2. September 24, 2025. By Larissa Knapp, EVP and Chief Content Protection Officer, Motion Picture Association, and Noopur Davis, Executive Vice President, Chief Information Security and Product Privacy Officer, Comcast Corporation. Published by Piracy Monitor
