Specify (anti-)abuse

[sysrqb]

This is based on a work-in-progress patch I already had. #9 describes different categories:

1. an attacker compromising/utilizing a large number of machines (botnet) to perform an attack (DDoS) against a service
2. an attacker attempting to impersonate a victim (account takeover/credential theft)
3. collaborative anti-abusive and threat intelligence sharing

This patch takes a slightly different approach and enumerates more specific classes of attack/malicious activity. I'm not tied to this, but I think being more specific now will help us in the future.

[sysrqb]

I'll assume this is good enough. We'll continue improving these sections, in any case.