A Block List is a custom and private watchlist, generally originated by an institution itself, and not a government, and comprised of data like names, addresses or IP addresses. These lists are also called Black List and Reject List. Their goal is to block business with certain individuals and entities that are not on watchlists otherwise used by an organization.
Generally, these lists are composed of former customers of an organization whose business relationships were severed due to risk or criminal activity, or the customers of other organizations who have raised red flags.
Block listing is implemented by identifying what should be blocked. This could be names, locations, crypto wallets, IP addresses and more. Block listing has traditionally been deployed as a key element in financial crime compliance, and is an important add on to government watchlists.
To be effective, block listing requires the specific identification of known or suspected threats with corresponding high quality information. Unknown or poorly known threats cannot be block listed and are generally “immune” to block listing defense strategies. For example, a named business with a known location can be effectively block listed, but an unnamed "cyber criminal in Region X" cannot.
Still, block listing is a popular strategy and has been for many years, mainly due to its ease of implementation.
Advantages and Disadvantages of Block Listing
The main advantage of block listing is simplicity. A threat is identified and blocked from your systems, but other payments are allowed, meaning that if the block listed individual or entity has a new name or location, block listing is unlikely to stop them.
As this strategy depends on identifying known threats, its effectiveness is dependent on how well and how often the blocklist and its associated responses are refreshed and updated.