Author Topic: False positive site blacklisted as phishing  (Read 9631 times)


Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - German-language section  <<<
Re: False positive site blacklisted as phishing
« Reply #30 on: September 26, 2018, 11:02:41 AM »
Also we have many automatic unblocking systems, but as your domain only had a couple of visitors during the weekend, it was not even considered (certain traffic is needed to enter the algorithm).
Interesting, thanks Honza, good to know.
Just to be clear - we have a couple of automatic unblocking systems, but the one that could unblock this particular domain needed bigger traffic.
OK, roger that. Cheers
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast things worth knowing (downloads, guides & info): https://forum.avast.com/index.php?topic=60523.0

REDACTED

  • Guest
Re: False positive site blacklisted as phishing
« Reply #31 on: September 26, 2018, 02:47:50 PM »
@HonzaZ, thanks for your answer.

My original question was with the purpose of understanding why the content we served was deemed malicious and how to prevent it in the future (best-practices).

We were certainly not serving malicious content, since it was only testing htmls and images.

Is there any kind of information you can share about this?

Thanks again

Offline HonzaZ

  • Avast team
  • Advanced Poster
  • *
  • Posts: 1038
Re: False positive site blacklisted as phishing
« Reply #32 on: September 27, 2018, 10:47:29 AM »
Hi,
what I was trying to say (apparently unsuccessfully) was that there are many independent algorithms which block URLs based on many factors. Even if I told you each algorithm in detail (which would take at least a two-day seminar), it can be changed in the future anyway, so there is no incentive to do that.
Just as polonus said, the best way to avoid detection is to "behave normally", have no vulnerabilities, serve no malicious code etc. But even then there can be false positives.