First step in abuse reporting is to determine what kind of abuse is it.
You can learn more about the different kind og abuse
The five main groups is these (source)
Malware is malicious software, installed on a device without the user’s consent,
which disrupts the device’s operations, gathers sensitive information, and/or gains
access to private computer systems. Malware includes viruses, spyware,
ransomware, and other unwanted software.
Botnets are collections of Internet-connected computers that have been infected
with malware and commanded to perform activities under the control of a remote
administrator.
Phishing occurs when an attacker tricks a victim into revealing sensitive personal,
corporate, or financial information (e.g. account numbers, login IDs, passwords),
whether through sending fraudulent or ‘look-alike’ emails, or luring end users to
copycat websites. Some phishing campaigns aim to persuade the user to install
software, which is in fact malware
Pharming is the redirection of unknowing users to fraudulent sites or services,
typically through DNS hijacking or poisoning. DNS hijacking occurs when
attackers use malware to redirect victims to [the attacker’s] site instead of the one
initially requested. DNS poisoning causes a DNS server [or resolver] to respond
with a false IP address bearing malicious code. Phishing differs from pharming in
that the latter involves modifying DNS entries, while the former tricks users into
entering personal information
Spam is unsolicited bulk email, where the recipient has not granted permission for
the message to be sent, and where the message was sent as part of a larger collection
of messages, all having substantively identical content
Spam however is not dns abuse as such, only when used for delivery mechanism for
the other types of dns abuse.
How do you find out where to report and who to contact. The registrar stakeholder group
in ICANN also known as RrSG have created a tool called Abuse Contact IDentifier (ACID)
You can find it here or if you don’t want to do that investigation then you can
go to NetBeacon here
One thing to keep in mind here is these tools is primarily made for gTLDs.
For ccTLD (countrycode domains) there is no collective tool for now but my take on this is that
NetBeacon will be available for these too in the future.