Why can't Niantic stop the spoofing?
Southeastern New Hampshire and parts of neighboring Massachusetts has been plagued by blatant spoofing. Players from both factions have sat on portals and documented the problem with several spoof accounts. We have photographed portals with no other players in range. We have documented impossible travel times. There is a plethora of evidence these accounts appear magically after a few minutes to take portals and rebuild fields.
Niantic has introduced many new features, many new badges, many new events, but they refuse to preserve the integrity of the game.
Come on, Niantic. Stop developing new features until you build the ability to detect and remove spoofing from Ingress.
Tagged:
11
Comments
Why can't Niantic stop the spoofing?
Why can't credit card companies stop credit card fraud? Why can't email providers stop spam? The answer for all of these things is that they are hard problems with a lot of technical intricacy and complexity. It's also a never-ending arms race. Miscreants find a way to exploit the system. The system responds by stopping them from doing what they did. They find a new way. The system responds. They find another way. The system responds. This continues indefinitely. Credit card fraud was a problem when I was a child and every time you used a credit card the cashier pulled out a book of stolen credit card numbers and checked yours against it. Email spam has been a problem for two decades and it's an ongoing issue, although mail providers have gotten better at filtering it out. Credit card companies spend tons of money combatting fraud.
There's also a perception problem. I run my own email server, and a small number of spam messages break through and end up in my inbox each month. They're slightly annoying... why can't I stop spam? What I don't see unless I look for it is the thousands of messages that got blocked automatically and never got accepted by my server. Similarly, we don't get to see the spoofing that Niantic blocks automatically, just the ones that break through. That makes it seem like Niantic doesn't care and isn't doing anything though in reality they're probably doing a whole lot behind the scenes.
In short, it's not a problem that has a solution but rather an ongoing battle. The question is really whether Niantic is doing enough. I don't have a strong opinion on that but based on what I've seen in Pokemon Go forums the answer is no. There's still tons of spoofing in that game, and I would expect that there's a fair bit of technology overlap between the two games.
A lot of people here on the forum would tell you that it's technically difficult to deal with spoofing. Huh.
I won't say whether it's correct or not. After all it's Ingress Forum run by Niantic. Take this as an example
https://community.ingress.com/en/discussion/14309/you-might-be-kidding-again-sos-founder-acc-flew-140km-40min-defying-the-terrain-but-you-did-nothing#latest
Blatant spoofing like this, which can be confirmed easily, would be instantly banned permanently in 2020 with the help of Fast Track.
Yes. In 2020 spoofer would be banned directly by TR without 3-strike which is a common knowledge. But now? 30-day as it seems.
[2021-03-01 6:39:34 PM] deployed a Resonator on Stone Tiger Statue (Sungang East Motorway Interchange & Sungang East Road & Honghu West Road, Luohu, Shenzhen, Guangdong, China, 518000)
[2021-04-07 8:02:43 PM] destroyed a Resonator on 屏欣苑兒童遊樂場 (Tin Shui Wai Station, Tin Shui Wai, Hong Kong)
A blatant spoofer who should have got permanent ban if reported in 2020, can begin his journey again easily in 2021.
See what? It's already hard for us normal players to make Niantic believe it's a spoofer. But even if confirmed, so what?
The problem does not lie in technical difficulties in stopping spoofing. It lies in somewhere else so it's OK to give up.
It's very obvious that since the beginning of 2021 something changed but some players on the forum keep ignoring it.
Either they don't know anything about and does not involve in current anti-spoofing situation, or they hide it on purpose.
Someday when normal players ultimately became fully aware of what happended, got desperate and felt like being fooled, pedantic theories like this, justifying the "not doing much" and "lack of justice" phenomenon, will inevitably be seen as exploiting the kindness and tolerance of them as well. Good luck my friend.
@LuoboTiX You are interpreting "stop the spoofing" very differently than I am. I work on large-scale systems for a living, and I've also done some fraud-detection work professionally. It's easy to take a single instance of a problem and explain how people could fix it, and you're probably right that in one specific case a fair bit of human effort could have been invested in cleaning it up. If spoofing happened a few times a year then manual intervention would be a perfectly viable solution. That doesn't scale, though. It also doesn't do anything to stop spoofing-- it just cleans up some of the mess that spoofing leaves behind. It does nothing whatsoever to prevent it from happening again tomorrow, and the day after, and next Tuesday, and 37 different times on Friday afternoon, and then suddenly there's a 20-layer spoof field covering a giant chunk of Asia, and as soon as Niantic takes it down it gets put back up. Even when Niantic cleans up after a spoofer it leaves a bad taste in the players' mouths simply because the problem happened.
In order to stop spoofing Niantic needs to automate 99.9% of it. They need to stop it before it happens. I firmly believe that right now a lot of spoofing gets stopped before it happens or that the spoofer gets a very small number of actions before being shut down. I've actually seen this-- we threw a ten-layer field that covered a major urban area and I was at an anchor in the middle of nowhere on a sat phone. By the time I got back to cell service three of the layers had been spoofed down and then the spoof account was auto-banned. This is roughly how it should work, how it has to work on a game the size of Ingress. Manual intervention will sometimes be necessary, but it should be a last resort and it should be rare to need it.
That automated part? That part is HARD. (This is my professional assessment.) It's also never done, because as soon as spoofing is mostly shut down the spoofers get busy and find new tricks. You then have to figure out how to detect those tricks and shut them down, and repeat this ad infinitum. You have to do all of this with a very low false-positive rate because shutting down legit users is bad and they will **** very loudly.
I don't have an option about how Niantic is currently handling post-spoof cleanup right now because I don't have first-hand experience-- the last time I had something cleaned up was just before the Trusted Reporter program shut down. I'm certainly willing to believe that they're doing a less than satisfactory job of that, but I don't believe that cleaning up is stopping spoofing... it's the necessary action when Niantic fails to stop spoofing.
If you interpreted my previous comment as a pedantic theory or as justifying not doing much then I apologize for not writing clearly.
Thanks for your supplementary comment, which laid a solid foundation for your sayings to become completely different from pedantic theroies. There are technical difficulties as you mentioned and described and I agree with you on that. However, the technical difficulties are not and far from the main problems regarding current anti-spoofing situation for many reasons.
Still take this comment from mine as an example:
https://community.ingress.com/en/discussion/comment/136298/#Comment_136298
An automatic google maps API query, combined with several actions before and after this long-range impossible travel time movement can tell that this is a Super Obvious Spoofing. Elementary school students can write a program to detect it without generating false positives from my point of view. This is very simple and safe. The boundary is clear because no helicopter is allowed for such route across the mountain and landing destination is far from an airport for jets as well. No need to introduce large-scale and complex algorithm structure to prevent this case. A permanent ban even if done automatically is also proper because the player is not even hiding it.
Now that you see why I said that the technical difficulties are not the main problem (especially in this case). There are feasible low-cost solutions, for preventing many SOS cases, though not for general spoofing cases. Question is, are they going to be applied? Is there really someone working on it? It seems that to retain more players/accounts are more important than exercising justice.
the only real solution is changing the gameplay until spoofers can no longer interfere. practically turning Ingress to a PvE game, like HPWU
no then u might aswell close down the game.. i still think a new verification method is needed for new and existing accounts.
PvP (on faction's level) is the only attractive thing for me regarding this game.
@LuoboTiX I hear what you're saying, but there's kind of a contradiction between so easy that elementary school kids could do it and knowing about specific geography and airspace restrictions, yes? There's also a cost associated with doing map lookups. I have no idea how many times they would have to do this per day but at a US penny per lookup that could get spendy pretty fast.
Yes, and that adds to my opinion that technical difficulty is not the main problem. Or you could say that "low-cost/free of charge anti-spoofing solution" is.
The main problem is cost and the attitude towards anti-spoofing. The latter one still depends on the cost and revenue and because the game could not benefit DIRECTLY from anti-spoofing in terms of revenue, it's the cost that matters most.
According to the case I referred to, the current attitudes...well, you got my idea.
i know people play ingress especially for the pvp part, but that's also the thing which brings the grief from spoofers. we all know how 'well' the app is maintained, and compare that to the effort of continuously fighting spoofers.
turning the game pve will lose some players, but is that amount higher than when redacted was cut or the ones leaving because of the spoofers? removing the pvp part could improve experience for new solo players, and coop can still provide a lot of engagement if done right
turning the game pve will lose some players, but is that amount higher than when redacted was cut or the ones leaving because of the spoofers?
Probably. Turning the game PVE will make it a PoGo/WU clone, and frankly, those games have larger development teams and larger support teams.
When you say "PVE" in this situation, it's not actually PVE until you create an AI opposition. And people would continue to spoof anyway, with less complaint from other players. You'd create a situation like PoGo and WU where no-one cares about cheating.
And in that situation... what's the point of the game? Just play PoGo if that's what you want.
I have played ingress for several years now and I consider myself to be reasonably computer savvy, but not on a professional level. I keep hearing how it is so difficult to stop spoofing, does anybody here know first hand how it is done and could enlighten us about why is it so difficult to eradicate, e.g. is it somebody inputting a different GPS coordinate on their phone, or is it somebody emulating a phone on a desktop computer.
For instance, if rescue services can triangulate a position from which towers a phone is connected to, is the cell phone itself aware of the identity of the towers it is connected to, and is that info available on the phone itself to be read by the game, in which case it should be easy to correlate the GPS coordinates with the cell tower info. Is that doable, would there be any issues in implementing it? Would it be possible to implement it such that the info is only captured in the data stream (but not continuously analyzed) just so it is available for a tech to look at when a spoofing report comes in.
For the record I don't think credit card fraud is an appropriate analogy to what we are talking about here.
The issue with spoofing is that the server can't trust the client. Anything can be spoofed through the data stream, and Niantic's whole detection (as far as we can understand) relies on inconsistencies. Things like travel time being too fast, inconsistent metrics from the device, invalid device data etc.
The better spoofers get at tricking the phone into acting correctly the harder it gets for Niantic to do it. And since PoGo uses the same client base as Ingress, the vast army of 'acceptable cheaters' in PoGo are able to develop far better spoofing systems.
The cat and mouse game is like having 1 cat, and 1,000,000 mice. Yes, they get some, but catching them all is far less feasible.
For the cell tower tracking for example, Niantic would need to have both maps of actual cell tower IDs, not just "trust what the phone says the tower locations are", because the location data from a tower can be faked by the spoofers, and would also have to assume that the spoofers can't also obtain the same data to present "true fakes".
Imagine a spoofing tool that knew the location of all the towers in a given country, and could simulate what towers the device would see in any given location. I haven't seen a tool for PoGo that can do it, but I have seen some phreaking tools that do just that.
Let me try to unpack this and wrap my head around it.
I thought spoofing involved just the ability to input GPS coordinates into the phone and "make it think" it was at that location, if the GPS coordinates that the phone is reporting to the game do not correspond to the actual towers it is connected to then obviously the GPS coordinates are fake, is that not the case?
My knowledge of cellular technology is pretty basic so this may not be correct, but I thought the GPS coordinates are reported to the OS by the GPS chip, so it may be easier to break into that stream and change the data, whereas the communication stream and the handshakes with the different towers are encrypted, and would be more difficult to fake, that's why I was asking if that info is even available to be read by the game software?
I am sure Niantic is capturing all kinds of data from the devices playing the game, if it is possible to include the cell tower ID, then it would be relatively easy for a tech to look at things when a credible spoofing report comes in and determine that this phone is reporting its location here but is connecting to 3 towers 50 miles away, there is a problem.
1) Yes, (atleast on Android) you can query the cell info you are connected to.
2) No, he's saying he hasn't seen that being done, but it could be done (mapping all cell towers and triangulating which it would use from a certain location)
3) of course there is. Ask money for every x requests to your service and you'll be rich in no time.
The big issue with cell info is: If niantic can verify if a location is in reach of certain cell towers (so Niantic would need to map them themselves), so would a player be able to do so as well
I know the towers keep track of which phones are connected to them, Does the phone know the ID of the towers it is connected to? and is that info available to be read?
Yes, but for Niantic's purposes, it would be the compromised device telling them.
Are you saying that somebody went to the trouble of correlating the infinite number of possible GPS coordinates to the tower Id's that would be in range?
This has been done for some countries in the Phreaking community. The actual work to calculate from a database of locations is trivial.
Is there a legitimate/business use for that to be done? Seems to be a lot of trouble just to cheat in games.
You know how criminals or hackers in movies "Route their call" through multiple countries, but these days they "Triangulate your location from cell towers", there's an tool among phreakers (phone system hackers) to fake your location to trick cell tower triangulation by apps. It doesn't work with the government, because actual cell tower triangulation requires talking to the cell towers themselves, so they'd have to hack into specific towers and fake the output from there, but as a tool for 'faking location' in other systems that rely on the phone, yeah, it's been done.
"Business reason"? Hell no. These people do it for kicks, and to see if they can. Hack the planet!
False assumption and slippery sl0pe. "Imagine a spoofing tool that knew the location of all the towers in a given country" is a vague and hyperbolic hypothesis that won't happen and does not help support your idea.
Basically, your idea is, after @SmokeyCat raised a feasible and technically possible anti-spoofing solution proposal: "the solution won't work because spoofers are powerful and they know every piece of information to deceive Niantic and thus Niantic does not need to take this solution proposal into consideration because it won't help."
Pedantic theories. Speaking like one working in dev team of Ingress and playing together with professional spoofers. Relying on extreme hypothesis to make people believe that "it's really difficult to do anti-spoofing because solutions in your mind won't work". Actually Niantic is the real powerful one in terms of "cell tower mapping". I would appreciate if anyone who has real experience building anti-spoofing mechanism for Ingress team to make evaluation and assertion for this proposal instead of a pile of hypothesis telling it won't work but unable to offer any PoC.
Nia doesn't want to ban spoofers for one simple reason. There are people who are allowed to fly. We have a drag agent who has been flying for over 3 years. We wrote to support, to the forum and to many other places. What's the point? To sense 0. As many players say in our country that the resistance has penetrated the support service of the NIA. And for this, certain players close to the command of the resistance are not banned.
Although to be honest, a lot of enlightenment players love to fly too.
@SmokeyCat The assumption that every device is connected to a cellular tower is not a valid one. I have spent a lot of time playing Ingress while not connected to any cell tower at all. I have played Ingress when there was neither a cell tower nor a wifi network for many miles in any direction. I've played on devices that had their cellular radio turned off, and on devices that don't even have a cellular radio.
Because of that, any solution that relies on the device seeing cell towers is going to fail. It's going to fail the hardest at some of the most critical portals-- hard signal durables are highly valuable, and I'm sure are among the portals that are most commonly spoofed.
That doesn't mean that tower data can't be one input into a complex anti-spoofing algorithm, and I proposed something similar to Niantic several years ago, but it's not a silver bullet. It could weed out lazy spoofers but sophisticated ones could easily evade it. As has been pointed out by others, tower data are probably not trustworthy since the client itself is untrustworthy. If there's a well-maintained database of tower information available to Niantic then it's available to other people as well. If such a database doesn't exist then it's not a viable solution.
Indeed as you say, "It could weed out lazy spoofers but sophisticated ones could easily evade it"
But there are many Super Obvious Spoofers now. Any technical solutions that can ban even if only lazy spoofers, without hurting real genuine players should be welcomed. I will be glad to see if this game could run better by getting rid of lazy spoofers first. Besides, altitude data and some detail technical information extracted from GPS positioning module are also valid input.
The real problem is that Ingress team is relying on/waiting for PoGo team for better anti-spoofing mechanism but PoGo does not care about anti-spoofing as much as Ingress do. So you would see such post throughout this year talking over on every means of anti-spoofing proposal but such discussion could be simply wasting time because nobody from PoGo team comes here and take a look.
Effectively fighting spoofing and any other cheating requires investment from Niantic side and that carries a cost they are not willing to asume.
Niantic can stop spoofing and can also effectively saction it in reasonable times, this has been proved several times, but it seems that in order to achieve it you need to be friends with the guy pushing the buttons in the backend.
So, in summary, if spoofing and other cheating actions are still being free of punishment, it's simply because the costs implied are greater than how much is Niantic getting from Ingress. Not even considering how much they really care.
Well I guess the cell tower idea does not work very well, or at all.
Back to my original question: does anybody here know how spoofing is actually carried out? I have seen that Niantic can tell if a phone is rooted and will not allow login, or something along those lines.
We had some spoofers here who disappeared for a short while when Niantic won the court case against that company with the reverse engineered client, but then they came back.
Is it an app, is it a hacked phone or client, is it even an actual cell phone, or an emulator running on a desktop.,after all, if you can enter cell id's and corresponding GPS coordinates, you may not even have to be on the cell network at all, just plug stuff into a program and off you go from your basement desktop.
Anybody has an idea?
Hi there! I think you'll find that this probably wouldn't be answered here as it is against the community guidelines to discuss such things.
Nashua is the second largest city in northern New England. If one spoofer takes the entire city, and surrounding areas, out of play, that has to have an impact on revenue because you are suppressing other players who might want to play in the region. You are also discouraging other players from competing in AMOI-MIKE-01 (which includes Boston) as the spoofers consistently place themselves atop the leader board for a cell that includes Boston. Even if the spoof accounts subscribe to C.O.R.E., the loss of other players over a large region must be costly.
Suppressing? Are you sure you were quoting the right person here? Did I ever block you from doing reports or discussing about anti-spoofing topics THAT REALLY HELPS? Maybe you shall read posts of mine first, see how my anti-spoofing post was closed and how users in this post suppressing technical solutions proposal, justified the fact that Super Obvious Spoofer was not banned after reports there, before defaming me of something I did not intend to do. Ingress team does not need technical anti-spoofing proposal from you because they don't have the motivation and plan and resources to improve anti-spoofing by themself without help of PoGo team and they seemingly don't want to ban high-level accounts especially with medals. The attitudes towards anti-spoofing, that's the problem, not the technical topics you would like to hear and has occurred on this forum for numerous times and resulting in NOTHING substantial and no change in terms of anti-spoofing mechanism partially because Ingress team, while gathering feature requests and bug reports from players, never asked players to provide idea of how to improve anti-spoofing and partially because the basic appeal of us for eliminating anti-spoofers as much as possible was not perceived as a MUST-DO.
It's funny that you criticize me of suppressing anti-spoofing players when I am among the most proactive anti-spoofing reporters who got a lot of Disagree from those pedantic theories holders who keep telling that anti-spoofing was not done and cannot be done efficiently and effectively "for some reasons, mainly due to technical difficulties" and every time we raise a new solution proposal they would pick some new reasons to turn that down and simply justify the fact that spoofers were not banned as expected, which SUPPRESS us.
I can tell you that it's the truth that "the game could not benefit DIRECTLY from anti-spoofing in terms of revenue". See "DIRECTLY"? You need to make them believe that if anti-spoofing situations remain as is then they will lose customers and thus lose the revenue accordingly. Nashua is the second largest city in northern New England and there are a lot of spoofers as you mentioned and impaired the gaming environment, so what? There are still a lot of players purchasing NL-1331 merchandise. There are still new players in your area joining the game. Maybe and I suppose players are leaving the game in your area due to blantant spoofers but you still need to make Niantic attribute the "We are losing players" directly to "it's because of increasing spoofers" and ultimately "We must do more on anti-spoofing otherwise we will lose too many players and too much revenue that is unacceptable".
And I can tell you that according to the example I used as reference in this case, the current attitudes of them is "OK, we do some anti-spoofing, but not trying our best, just let it be if some spoofers cannot be identified or detected free of charge, players can tolerate, and they would keep playing as usual and accept the result that Super Obvious Spoofing did not lead to permanent ban as previously and a lot of spoofing reports were not really leading to spoofers' being taken down, if they complain about that we just ignore their posts, close their posts, delete comments or mute them".
I don't see any chance for changing that attitudes here via the forum when players cannot even unite upon spoofing reporting posts. What I see is pedantic theories holders keep defending and justifying, while the remainning players just keep silent, express sadness about spoofers' flying freely or make wild accusations among somebody or something, so that they and you could feel comfortable. You may stick to the technical solutions topics as you like that nobody from Ingress team would really care, when your topic remains "Why can't Niantic stop the spoofing?" and could help launch a more constructive campaign to gain more impression and make more impacts but unfortunately became Yet-Another-Anti-Spoofing-Technologies-Debate that Ingress team would not take into consideration even if they show up in this post which is already the rare case. Let's see if things would get better in 2022.
Sorry, I did not know that the community guidelines don't allow these discussions.
However, I would have to ask why? If Niantic is unable, unwilling or incapable of resolving an issue that is affecting game play for all of us, then shouldn't the community try to do something about it, wouldn't the first step be to try to understand what is involved instead of just sitting on our collective a****, while repeating the mantra: " they are doing all they can, it is a hard problem."
Just my 2 cents.
I guess that I will have to educate myself somewhere else, it is unfortunate because I think this community, very likely, has a lot more brain power than Niantic as a company could ever hope to muster alone, and we do not have a bottom line to worry about.
If there is a possible solution to this problem, in which case the game would be a lot less frustrating and more enjoyable to a good chunk of the player base, then we ought to try to find it.
@LuoboTiX Do you know what technology the spoofer you're complaining about is using? It's entirely possible, and I would go as far as probable, that they are not using "lazy" technology if they are succeeding. What you see as Super Obvious Spoofing may not be that at all from a technology perspective. We know from past experience that Ingress does have automated anti-spoofing code. I've seen Niatnic terminate accounts within 1-2 minutes of the first spoof, and I'm also aware of people who have been blocked by Niantic's anti-spoof code even though they were 100% legit... like two agents standing at the same remote anchor and one was able to link but the other one wasn't because Niantic's servers thought they were spoofing.
Also, @MeekayCat can speak for themselves but I'm 99% certain they quoted your message just to anchor their comment and they didn't mean that you-Lubotix were suppressing legitimate play. They meant that spoofers and allowing spoofing suppresses legitimate play. That's very true... competing against cheaters isn't fun. (It's why I hate the Pokemon Go gym game... too many spoofers and multi-accounters.)
@SmokeyCat Your idea does work some... it's just not a silver bullet that solves everything. I wouldn't be surprised if Niantic already uses something like that as one of their factors.
Disclaimer: This is not talking about spoofing. It's talking about anti-spoofing and almost all spoofers have already acquainted these knowledge, only normal players need to know it because normal players rarely learn about anti-spoofing technical details. Thus this comment does not violate Community Guidelines.
Super Obvious Spoofing is actually very rare case. It's blatant cheating that the controller is not even trying to hide. I referred to such case in order to drive the topic to "attitudes" from "technical difficulties" because I suppose this is the key to current anti-spoofing situation, though players if not familiar with current anti-spoofing situation especially reporting and do not have quite much reporting history, would easily come up with idea about technical problems at first.
The most common case known by you and me is that spoofers mocking their location by recording the real-world movement into GPX virtual files and adjust them carefully so that it would behave like a typical player passing by in multiple kinds of vehicles when loading and launching such files. Ingress anti-spoofing mechanism fails to detect such case accurately or completely. Only players in that area can smell easily that there is something strange with that account. They may go to the spot and try to capture the spoofer on the scene and usually they did collect a lot of documents including videos or photos indicating that the relevant account is actually not there and technically impossible to be there due to various reasons, reasons that can not be detected by Ingress game solely from the action logs.
The problem is, Ingress team currently determines whether a player is a spoofer or not, if that account has passed the initial "3rd party tool/client" detection...
(the same detection you mentioned as "automated anti-spoofing code" which focus on the environment of the device not the spoofing action logs)
with the help some modules (e.g. "M****k") to hide the fact that for example the device has been rooted and the mock location functionality is actually enabled and the GPS data sent to Ingress game is hi.jacked
...solely from the action logs. Videos, photos sent by players would not be reviewed because you know that they are genuine and I suppose they are valid but Niantic Support just can't trust them and in my opinion they don't have enough mandays to go through videos and photos and other supplementary documents even if they would like to try to trust them someday in the future and begin reviewing them.
Do you see a dilemma here? If spoofer can pass the A. environment detection B. superman detection, the only way to confirm its spoofing behaviors is by other players' pointing out the not many inconsistency and problematic location shift regardless of the terrain the walls the fence and weather and other conditions but is not always impossible regarding general "impossible travel time" combined with a lot of documents submitted by users....then that spoofer cannot be identified as a spoofer because Niantic Support would not read those documents at all and in Ingress system it just looks like a normal player but a bit hardcore...or very hardcore for example that he could on daily basis always go through busy crossroads or highway on rush hour in vehicle spped but accurately make access to all strategic portals which can not be done by general people if not stopping the car.
That's why I dislike pedantic theories. Niantic and Ingress team actually is doing to some extent the anti-spoofing and helped me ban many SOS cases in 2020 which I really appreciate but current anti-spoofing situation in 2021 is very bad because I almost cannot ban urban spoofers based on GPX routes and avoiding flying like a superman. In this case, some players on the forum are still telling an Utopia story that "Niantic Support have all kinds of data and if they say they have taken appropriate actions they did and if you see that the player was not banned it means Niantic does not see it as a spoofer and probably you are overeacting" which is the real Suppression, though not all of them are doing so on purpose.
It's picking the low hanging fruit and leaving the pros, and even that is a start.