# Suspicious Addresses

Suspicious Transactions are labeled in ChainArgos as "sus". 

A "sus" address is one that has:

* received a transfer from a known scam (e.g. cashing out of stolen funds);
* received a transfer from a sanctioned address (whether by OFAC or any other governmental organization);  
* to/from transaction with an address flagged as a terrorist address (in this case, because both directions for the transfer could potentially be nefarious); or
* to/from transaction with an address blacklisted by the token issuer themselves (e.g. Tether regularly blacklists addresses and both directions for the transfer could potentially be nefarious). 

The threshold for a "sus" transaction is any transfer >1 from a known scam, terrorist, or blacklisted address. 

Given the expansive nature of the "sus" label, exchange wallets will almost always inevitably be labeled "sus" because they would be within one degree of separation of a "sus" address that may have used the exchange's services.