[zirgs]

My ISP actually sent me an email that said that one of my devices have an open TCP 445 port and advised me to fix it. Apparently Windows opens it by default and it can be exploited by some malware.

But I've never received a threatening letter about piracy. ISPs in my country simply don't send those.

[ZalorCakeLord]

My ISP will send letters or emails, but only if they get a complaint from the company in question. Usually what ends up happening is a company watches a torrent, and takes down a list of all the ip addresses downloading it. They then send boilerplate complaints to the isps associated with said ip addresses, who are legally required to do something about it. My little brother got in trouble this way lmao, they sent a letter to our house about it.

[NoZebra120vClip]

Many ISPs have clauses in their TOS that prohibit running any server of any kind. So it may be the case that your ISP regularly runs sweeps to detect customers who are running servers, and this warning may be a side effect of that sweep.

I often used to poke holes in my firewall and run VPN or ssh servers that were discoverable using my dynamic DNS service. My ISP never got involved with that. Of course, that was a case of me running a server for my exclusive use, rather than some sort of public web or login server that would have randos sending traffic across my link.