Easily Report Phishing and Malware
This is how you can strike back at criminals sending phishing spam - by getting their webpages on blacklists. Blocking their sites helps protect other people and helps researchers trying to stop this. Sites can be blocked within 15 minutes of your report, but you may not immediately see it.
Report phishing website:
Right-click the link in the phishing email, and copy the hyperlink. Do not click the link, which is less useful to security companies.
- VirusTotal - Send to computer security companies
- UrlQuery.net - Get screenshot, analyze for known risks, create public record (don't need to wait)
- Google SafeBrowsing - Block in Chrome, Firefox, Android, iPhone, and Google
- NetCraft - Send to computer security companies
- Symantec - Submit to Norton and Blue Coat
- Webroot BrightCloud - Provides data to PaloAlto firewalls, many others
- Cisco PhishTank - Very effective, but requires registration
Report phishing/file hosting abuse directly:
- VirusTotal.com (Shares reports publicly, shares files with Premium subscribers)
- Hybrid-Analysis.com (Shares reports publicly, uses Payload Security's VxStream sandbox)
- Malwr.com (Shares reports and files publicly)
- Microsoft (Select 'Home User')
- Webroot (Detections and threat intelligence go to multiple other products)
- ClamAV (For files that came through email, this engine used by spam filters)
- Deepviz sandbox (Shares reports publicly, Submits to Malwarebytes)
- Fortiguard (leave name and email blank and hit scan)
- OPSWAT Metadefender (EXE only)
Report phishing/spam text (SMS) message:
Copy the contents of the spam SMS and paste it into a message to this four-digit number. This reports it to your phone company so they can search for who sent it and block them. Don't click the link, it could be dangerous!
7 7 2 6 ( S - P - A - M )
On iPhone: Hold your finger on the message, tap "More...", tap the Forward icon in the bottom right of the screen.
Report unsolicited calls and SMS
Use the form on SpamResponse.
Report abuse to website hosts:
Find who hosts the website with WhoIsHostingThis and search Google for "webhost + abuse" to find their complaint contact information.