Making Life Hard for a Phisher – How to Report a Phishing or Malicious Website
When you receive an email with a phishing or malware link in it, what do you do? If your answer doesn’t get that site blocked across all major browsers, you aren’t going far enough!
In less than two minutes, you can essentially take a malicious website offline and make life a bit harder for a phisher and safer for everyone else. Here are the steps that you need to do:
Step 1: Check the Website
The quickest and safest way to verify that a link is malicious or designed for phishing is to run it in a sandbox service.
For a phishing website:
Enter the URL on this page: https://checkphish.ai/. You should see a screenshot of the website and any phishing flags (ex: if the website is impersonating another site’s login page).
For a website with malware:
Enter the URL on this page: https://www.virustotal.com/#/home/url. You can also upload suspicious files or attachments to VirusTotal for analysis.
Step 2: Report the Website
Now that you know what you are dealing with, report it by using these links. Each will take only 30 seconds to complete.
Report a Phishing Website
Report a Malicious Website
And that is it! In a couple of minutes, that website should be flagged as a phishing or malicious URL. This protects everybody using those browsers. Occasionally, it might take 15 or 20 minutes to start being flagged.
It is incredibly satisfying to see a malicious website that you reported being prevented from loading! If you are interested in more tools or additional information on reporting, see this page for inspiration.