How to Report Dangerous Websites

 

These days it's becoming increasingly difficult to avoid stumbling across dangerous sites. One of the biggest questions is what to do after. The first thing I would advise doing is making sure your computer has not been infected, which can sometimes happen even if you didn't click on anything. To do this please read my article about How to Know If Your Computer Is Infected. You should also report any malicious software which may have been downloaded by following my article about How to Report Malware or False Positives to Multiple Antivirus Vendors. However, what about the site itself? Why not actually do something about the fact that the site exists and other people can also stumble across it? In this type of situation I would suggest that you submit the site to multiple services which blacklist dangerous sites. Your submission may even lead to the site being taken off-line.

 

I have separated these services into those which are relevant for any type of dangerous site, those relevant for malicious or phishing sites, those relevant only for malicious sites, and those relevant only for phishing sites.  Also, inside of each category, I have identified those services which I would definitely advise submitting the site to. I have denoted these as the priority submissions. The other services, which are marked as tertiary submissions, are services which you can also submit the URL to, assuming you aren't in a hurry and have the time. Reporting the site to as many services as possible will produce best results, but if you're in a hurry at least make sure you submit it to the primary submissions. These will require very little work but will be very effective.

Changelog:

5/23/2014-Added link to Best Free Antivirus Software article.

 

Index

1. Report Scams To FBI Or Child Pornography To Proper Authorities

2. How To Report Site While Maintaining Perfect Anonymity

3. First Analyze URL With Online Scanners

4. How To Report The Site

    A) Services Which Blacklist Most Types Of Dangerous Sites

    B) Services Which Blacklist Malicious Or Phishing Sites

    C) Services Which Only Blacklist Malicious Sites

    D) Services Which Only Blacklist Phishing Sites

    E) Services Which Only Report Fake Pharmacies

 

1. Report Scams To FBI Or Child Pornography To Proper Authorities

 

If you were a victim of cybercrime of any sort, and are located in the United States, before you do anything else you should first file a complaint with the FBI/NW3C Complaint Center. Please note that all information provided to them should be as accurate as possible. Once this is done you can submit the site in question to the services discussed below, but reporting it to the FBI is the most important thing you can do to help fight back against the criminals.

 

Also, if you have come across any form of child pornography you can report it by going to this page and filling in as much information as you have. If you are worried about your anonymity then please follow the advice given in the next section when submitting the site.

 

2. How To Report Site While Maintaining Perfect Anonymity

 

If you are embarrassed to report a site, perhaps because it's content that you believe you shouldn't have been viewing in the first place, there are ways of masking your identity. Don't let this fear prevent you from helping others.

 

I'd like to point out that as far as I know none of the services discussed below are interested in investigating you for visiting sites of any content type. They are oriented towards making the internet a safer place for everyone. That said, if you are still worried you can make sure that your privacy is protected by following the advice I give in How to Protect Your Online Privacy. Also, in terms of sending or receiving emails, you should pay special attention to the section of the other article which focuses on email privacy.

 

3. First Analyze URL With Online Scanners

 

If a link has been shortened you can unshorten it, so you can analyze the actual website, by pasting it on this page.

 

Before submitting the site to the services discussed below scan the site with both URLVoid and VirusTotal. Also, if given the option, always choose to reanalyze the site. After the scanning is complete keep these results open as they will be very useful for determining whether the services referenced below already flag the site as dangerous.

 

4. How To Report The Site

 

Please report the dangerous URL to the services mentioned below. They are arranged in categories which should make it relatively easy to decide which services you should report the site to. Please note that regardless of the reasons you have for believing that the site is dangerous, you should always report it to the services in the category about Services Which Blacklist Most Types Of Dangerous Sites.

 

In addition, if it's a site which contains malicious content you should report it to the services in the sections about Services Which Blacklist Malicious Or Phishing Sites and Services Which Only Blacklist Malicious Sites. If it's a phishing site you should report it to the services in the sections about Services Which Blacklist Malicious Or Phishing Sites and Services Which Only Blacklist Phishing Sites. If it's a fake pharmacy you should report it to the service in the section about Services Which Only Report Fake Pharmacies.

 

A) Services Which Blacklist Most Types Of Dangerous Sites

Priority Submissions

Report Site to Web of Trust: Note that only users with a free Web of Trust account can rate websites. You can check to see if the site is already flagged as dangerous by looking at the URLVoid results. Web of Trust users can also help others avoid the site by rating it, and leaving a comment, through the Web of Trust Toolbar. Note that you can also rate a site as safe.

Tertiary Submissions

Report Site to Trustwave: You can check to see if the site is already flagged as dangerous by pasting the URL on this page. If it is not flagged as dangerous you can report it on this page. Please include the URL and a description of why you believe that the site is dangerous. Note that you can also report false positives through the same form.

Report Site to BrightCloud: You can check to see if the site is already flagged as dangerous by pasting it on this page. If it is not flagged as dangerous select the option to "Request a new URL category" to assign it to a more fitting category. You can also "Request URL Reputation Change" to advise them to give it a low reputation.

Report Site To BitDefender: You can check to see if the site is already flagged as dangerous by looking at the URLVoid results. If it's not flagged as dangerous you can submit the site to them by posting it on this page. Be sure to select "False Negative" and check the box for URL. False positives can also be submitted through the same form, although "False Positive" should be selected.

Report Site to Norton: You can check to see if the site is already flagged as dangerous by pasting the URL on this site. If it is not flagged as dangerous, and is a phishing site, anyone can report it on this page. For any other type of site only users with a free Norton Safe Web account can submit it. This can be done by checking out the site through this page and then adding your own review about it. If the site is still not blacklisted 5 business days after it was submitted you can create a new topic in this section of the Norton forums and inquire about it.

Report Site to Trend Micro: You can check to see if the site is already flagged as dangerous by looking at the URLVoid results. If it is not found dangerous then analyze it on this page and then select the option to "Reclassify Request". You can then explain what is dangerous about the site and report the site as dangerous.

Report Site to Sophos: You can check to see if the site is already flagged as dangerous by looking at the VirusTotal results. If it's not flagged as dangerous then in order to submit the site to them you can send an email to this email address. Please include the URL, and a description of why you believe it to be dangerous, in the message body.

Report Site to Fortinet: You can check to see if the site is already flagged as dangerous by pasting the URL into the search box on this page and clicking Lookup. If the site is not flagged as dangerous then you can report it by filling out the section for "Classification/Rating Request" and selecting the appropriate category.

Report Site to Web Security Guard: You can check to see if the site is already flagged as dangerous by looking at the URLVoid results. If the site is not flagged as dangerous then you can submit it on this page. Please include the URL and a description of why you believe that the site is dangerous dangerous.

 

B) Services Which Blacklist Malicious Or Phishing Sites

Priority Submissions

Report Site to Google Safe Browsing:  You can check to see if the site is already flagged as dangerous by looking at the VirusTotal results. If it's not flagged as dangerous, and contains malicious content,  you can submit the site on this page. If it is a phishing site you should submit it on this page. The Google Safe Browsing blacklist is used for Chromium Browsers, Safari, and Firefox. If a site is currently flagged by Google as a Phishing Page, but you believe this is incorrect, you can report it on this page as a false positive.

Report Site to Yandex: You can check to see if the site is already flagged as dangerous by looking at the VirusTotal results. If the site is not flagged as dangerous you can report it by filling out the form on this page. Make sure to flag it as the correct type of dangerous site. The blacklist for Yandex is used for the Opera browser.

Report Site to hpHosts You can check to see if the site is already flagged as dangerous by looking at the URLVoid results. If the site is not flagged as dangerous you can submit it by sending an email to this address. Please include the URL, and a description of why you believe it to be dangerous, in the message body.

Tertiary Submissions

Report Site to Internet Explorer: To report any type of dangerous site, which is not already blocked by IE, make sure you are running IE and are still on the site in question. Then click on the Safety icon, which is in your toolbar, go to "SmartScreen Filter" and select "Report unsafe website".

Report Site to McAfee: You can check to see if the site is already flagged as dangerous by going to this page, choosing McAfee SiteAdvisor, and pasting the URL into the box. If it is not already flagged as dangerous you can report it by recommending a new URL category and providing comments in the box.

Report Site to AVG: You can check to see if the site is already flagged as dangerous by looking at the URLVoid results. If it's not flagged as dangerous then in order to submit the site to them you can send an email to this email address. Please include the URL, and a description of why you believe it to be dangerous, in the message body. If the site is still not blacklisted 5 business days after it was submitted you can create a new topic on this page and report it. However, do note that making a topic on that page requires you to create a free account. Note also that false positives can be reported on this page.

Report Site to Comodo SiteInspector: You can check to see if the site is already flagged as dangerous by looking at the VirusTotal results. To report the site as dangerous paste the URL on this page and click on the button to "Start The Scan". Then select the option to "Report as Malicious" and explain what you believe was dangerous about the site.

Report Site to Dr. Web: You can check to see if the site is already flagged as dangerous by looking at the VirusTotal results. If it's not flagged as dangerous, but is either a malicious page or a phishing page, you can submit it on this page. If it's a phishing page you should choose "Objectionable websites" as the filter. Also, regardless of the type of site, be sure to include a description of why you believe it to be dangerous in the comment box. False positives can also be submitted through the same form.

Report Site To Malwarebytes: If you are not using their software there is currently no way to find out whether a site is blacklisted by Malwarebytes. Thus, my advice is to assume they are not aware of the site and report it to them. In order to submit the site to them you must submit it on their forum. Please include the URL and a description of why you believe it to be dangerous. Do note that you will need to make a free forum account in order to do this.

Report Site to K7: You can check to see if the site is already flagged as dangerous by looking at the VirusTotal results. If it's not flagged as dangerous then you can submit the site to them by can emailing it to this email address. Please include the URL, and a description of why you believe it to be dangerous, in the message body.

Report Site to ESET: There is currently no way for those who are not using ESET products to tell if a site is already flagged as dangerous. Therefore, for those who are not using their products, my advice would be to assume that they do not yet flag it and submit it. To do that you can send an email to this address. Please include the URL, and a description of why you believe it to be dangerous, in the message body.

Report Site to Panda: If you are not using their software there is currently no way to find out whether a site is blacklisted by Panda. Thus, my advice is to assume they are not aware of the site and report it to them. In order to submit the site to them you must send an email to this address. Please include the URL, and a description of why you believe it to be dangerous, in the message body.

 

C) Services Which Only Blacklist Malicious Sites

Priority Submissions

Report Site to Wepawet: You can check to see if the site is already flagged as dangerous by looking at the VirusTotal results. If the site is not already flagged dangerous you can submit it by pasting the URL on this page and, unless you know additional information about the possible threat, selecting "Submit for analysis".

Report Site to MalwareURL: You can check to see if the site is already flagged as dangerous by pasting the URL on this page. If it is not already flagged as dangerous you can submit it on this page. Please include the URL and a description of why you believe it to be dangerous.

Report Site to MalwareDomains/DNS-BH: You can check to see if the site is already flagged as dangerous by looking at the URLVoid results. It is listed as "DNS-BH". If the site is not flagged as dangerous you can submit it by sending an email to this address. Make sure to include the output of the Wepawet analysis. Make sure this Wepawet analysis is as recent as possible.

Report Site to Malware Patrol: You can check to see if the site is already flagged as dangerous by looking at the URLVoid results. If the site is not flagged as dangerous you can submit it by filling out the form on this page. Be sure to read the instructions carefully.

Report Site to Badwarebusters:  Although this service does not actually blacklist sites I have added it to this list because the information about the site is made available to many other parties and can therefore lead to the site being added to blacklists or removed from the internet altogether. Thus, regardless of whether services detect the site or not, you can submit it to Badwarebusters by filling out the form on this page. Make sure to include as descriptive an explanation of what makes the site dangerous as possible.

Tertiary Submissions

Report Site to urlQuery: You can check to see if the site is already flagged as dangerous by looking at the VirusTotal results. If it's not found dangerous then in order to submit it you just paste the URL on this page and select "GO!".

Report Site to Anubis: To both check whether the site is already detected as dangerous, and submit it if it is, all you need to do is paste the URL on this page and click "Submit for Analysis".

Report Site to MalwareDomainList: You can check to see if the site is already flagged as dangerous by looking at the VirusTotal results. If it is not already flagged as dangerous you can submit it by reporting it in their forum on this page. Do note that you will need to make a free forum account in order to do this.

Report Site to Scumware.org: You can check to see if the site is already flagged as dangerous by looking at the VirusTotal results. If the site is not flagged as dangerous you can submit it on this page. Please include the URL and a description of why you believe it to be dangerous. Note that false positives can be submitted through the contact form on this page.

Report Site to Minotaur Malware Analysis: You can check to see if the site is already flagged as dangerous by looking at the VirusTotal results. If it's not flagged as dangerous you can submit the site on this page. Note that you can only post links leading directly to executables or PDF's. Also, only post the URL in the box. Do not post comments explaining why it's dangerous.

Report Site to MalwareBlackList: You can check to see if the site is already flagged as dangerous by looking at the URLVoid results. If it is not already flagged as dangerous you can paste it on this page and select the option to "Submit URL(s)". However, do note that a free account is required. Note that false positives can be reported on this page.

Report Site to Avast: As far as I know, there is currently no way for those who are not using Avast products to tell if a site is already flagged as dangerous. Therefore, for those who are not using their products, my advice would be to assume that they do not yet flag it and submit it. To do that you can send an email to this address. Please include the URL, and a description of why you believe it to be dangerous, in the message body.

Report Site to GData: You can check to see if the site is already flagged as dangerous by looking at the VirusTotal results for G-Data.If it is not already flagged as dangerous you can paste it on this page. Please also include a description of why you believe the site to be dangerous.

 

D) Services Which Only Blacklist Phishing Sites

Priority Submissions

Report Site to US-CERT: Regardless of whether services detect the site or not you should always submit it to US-CERT by sending an email to this address. Please include the URL, and a description of why you believe it to be dangerous, in the message body. However, if you already reported the phishing email to US-CERT it is not necessary to submit it to them again.

Report Site to Phishtank: You can check to see if the site is already flagged as dangerous by looking at the VirusTotal results. If it is not flagged as dangerous, and is in fact a phishing site, you can submit the site on this page. Also, if you were not directed to the site via an email, mention this in the box. However, do note that a free account is required.

Tertiary Submissions

Report Site to NetCraft: You can check to see if the site is already flagged as dangerous by looking at the URLVoid results. If it is not flagged as dangerous you can submit the site on this page. Please include the URL and a description of why you believe it to be dangerous. Note that the first name you supply may be made public, thus you may want to refrain from providing them with that sort of information.

 

E) Services Which Only Report Fake Pharmacies

Report Site to LegitScript: You can check to see if the site is already flagged as rogue by posting the URL of the pharmacy into the box on this page labeled "Check Online Pharmacy Legitimacy" and clicking Verify. If it is not already flagged as rogue it will provide you with options for reporting it. Be sure to provide any information you believe is relevant.

 

 

 

 

Please help by rating this article. Also, if you believe this article deserves anything less than 5 stars, please leave a comment below explaining how you think it can be improved or where you find fault. This article is written by me but fueled by the community. Thus your opinions and advice are not only much appreciated, but actually necessary in order for this article to grow and improve.

 

If you found this article useful then perhaps you'd like to check out some of my others.

Best Free Antivirus Software

How to Avoid Spam

How to Clean An Infected Computer

How to Fix a Malware Infected Computer

How to Harden Your Browser Against Malware and Privacy Concerns

How to Install Comodo Firewall

How to Know If Your Computer Is Infected

How to Protect Your Online Privacy

How to Report Malware or False Positives to Multiple Antivirus Vendors

How to Report Spam

How to Stay Safe While Online

How to Tell if a File is Malicious

How to Tell If A Website Is Dangerous

 

This software category is maintained by volunteer editor Chiron. Registered members can contact the editor with any comments or suggestions they might have by clicking here.

 
Share this
4.625
Average: 4.6 (24 votes)
Your rating: None

Comments

by BillR on 30. January 2014 - 18:42  (114080)

BitDefender links are to the BD forum, which has lots of detail, but the actual form to submit _either_ a FILE or a URL as _either_ a FALSE NEGATIVE or a FALSE POSITIVE appears to be:
http://www.bitdefender.com/site/Main/automaticSampleUploader/
(Or maybe I didn't look through enough of that detail.)

Unfortunately the BitDefender procedure is rather clumsy. There is no way to add a title/subject (flaw) and all email responses refer _only_ to the case number (major flaw). NOTE, you must record and track both the case number and the subject/content yourself because all responses from BD refer only to the case number. BD does not include the original comment or the submitted URL! BD does not include a link to the case number on their site! No obvious link/search on the support page to follow the case number. The email title is primarily the case number. Speculation: file submission will have similar problems.

The form itself is easy to use but overall this is an unfriendly design with little apparent thought given to the user.

by Chiron on 9. February 2014 - 2:33  (114336)

Thank you very much for pointing this out to me. Many users would be much more willing to use this form than create an account in the forum. I have therefore edited the article to point to this form.

Thanks again.

by BillR on 29. January 2014 - 11:22  (114016)

Thanks for gathering and organizing this and related security topics, Chiron. I know two site owners and other several users who have found this topic set useful (especially for FP).

MORE FP INFO: Please consider expanding this topic (reporting dangerous websites) to discuss reporting false positives / requesting reevaluation for each site/product/vendor. A few entries already include this information but it should be more prominent (as should the malicious report info). The table format in the file false positive topic might work but a simple consistent addition of a bold inline title (e.g., "Report Malicious Site:" and "Report False Positive:") might be easier.

Ideally all products/vendors included by VirusTotal.com (URL) and URLvoid should be listed (easier said than done) as well as any other services mentioned in your topic set (like "Is it Safe?" list). VirusTotal and URLvoid have both expanded their vendor participation. I was going to use avast! as an example of a description that might might need updating but neither metascanner includes it.

FYI: AutoShun (by Risk Analytics; included in VirusTotal) - Emailing a polite request to review a site rating ("Suspcious") and several specific pages resulted in the vendor correcting their database in less than 1 hour(wow! to be commended). Customers may have other/better/priority options.
emailto: Support@RiskAnalytics.com ?subject= False Positive

FYI: DR.Web - Apparently all URL checking in VirusTotal (URL) is related to the Parental Control module. Who knew!
"You can report links to websites mistakenly rated by the Parental control module as undesirable to our laboratory at the following address:" https://support.drweb.com/new/urlfilter/

FYI: malwares.org / Saint Security - Missing product/vendor. Appears in VirusTotal URL/IP reputation check but main page of site scans files (2GB limit!). Contact?: root@malwares.org
"malwares.com has been integrated in VirusTotal as a URL checker and as of today URL scans will be enriched with their dataset of malicious verdicts." -- VT Blog

by Chiron on 9. February 2014 - 0:59  (114330)

Thank you very much. I have contacted AutoShun to find out about how users should submit sites to them, what kind of sites are acceptable, and how false positives should be submitted. Once they get back to me with answers to those questions I will add them to this list.

As for Dr. Web, as far as I can tell, I was already linking to the correct page. Has something changed in the way it works.

For malwares.com, as far as I can tell they only accept samples, not URL's. Therefore, perhaps what VirusTotal is using it for is to keep track of which sites the analyzed malware communicate with. That said, as it is not apparent I have sent them an email inquiring about whether there is a way for users to submit sites to them, although root@malwares.org does not seem to work for contacting them.

As for the inclusion of false positive reporting options, this was not the main concern of this article when I first created it. However, over time I have collected more information about this. If you find any more information about submitting false positives please let me know. Also, at some time in the future I may make it more evident, perhaps using a table as you suggested.

Thank you.

by Chiron on 9. February 2014 - 3:02  (114340)

Actually, AutoShun contacted me and let me know that user submissions are not allowed. Thus, they are not suitable for being added to this article.

Thanks.

Gizmo's Freeware is Recruiting!

Gizmos Needs YouShare your knowledge of free software with millions of Gizmo's readers by joining our editing team.  Details here.