You could be right, in 2008 we handled about 10^5 complaints per day, and the volume seemed to double every year(most of those were automated complaints from external systems complaining about our customers spamming/phishing/etc), I don't know what the figures are now.
My point was we had automated rules in place that worked really well and there was nothing really clever about those rules.
It was a game of cat and mouse between our rule designers and adversaries who always tried to probe our thresholds and evade us while we tried to find new useful facts about customers, new probes, new actions, react proactively, but not screwing our legitimate customers was always our number 1 concern.
