Author

Topic: Domain host and their abuse contact (Read 354 times)

hero member
Activity: 1344
Merit: 540
July 08, 2020, 06:17:38 AM
#17
@OP You can add OpenProvider, a lot of sites use it: https://support.openprovider.eu/hc/en-us/articles/360001725008-Reporting-abuse
Thanks added this to the list as well. And I agree that most of them don't really respond, while others will gave you ticket numbers to follow up. But I think it will be good if we will pro-actively reports phishing/scam sites to their domain host registrar, specially that hackers are very active more than ever.
copper member
Activity: 1204
Merit: 737
✅ Need Campaign Manager? TG > @TalkStar675
July 06, 2020, 01:08:30 PM
#16
Reporting to Google isn't very effective, sometimes they don't react to reports at all. I remember that some phishing websites like Bitcointalk.to were reported by forum members so many times, but they never removed it.
While from my experience, hosting providers reacts quite fast and they soon shutdown phishing website.
Google response rate in this field isn't quite impressive and i am agree with you too. Though their response is quite fast in Play store apps related abuse reports and they take not more than 24 hours to take actions against the app which violate their terms and condition.  

For phishing websites i always prefer to contact hosting providers to get faster results and most of the time it works so well.  
staff
Activity: 3500
Merit: 6152
July 06, 2020, 12:41:22 PM
#15
You could as well just whois the website.
An abuse contact is included.

For example:
-snip-

I think it depends on the service. From my experience, Namecheap doesn't always respond to emails written to the abuse email you mentioned. I always end up reaching out to them using the ticketing system.

@OP You can add OpenProvider, a lot of sites use it: https://support.openprovider.eu/hc/en-us/articles/360001725008-Reporting-abuse
legendary
Activity: 1624
Merit: 2481
July 06, 2020, 11:59:07 AM
#14
You could as well just whois the website.
An abuse contact is included.

For example:

Code:
$ whois bitcointalk.org

Domain Name: BITCOINTALK.ORG
Registry Domain ID: D162601474-LROR
Registrar WHOIS Server: whois.namecheap.com
Registrar URL: http://www.namecheap.com
Updated Date: 2019-11-24T14:01:10Z
Creation Date: 2011-06-24T05:19:00Z
Registry Expiry Date: 2029-06-24T05:19:00Z
Registrar Registration Expiration Date:
Registrar: NameCheap, Inc.
Registrar IANA ID: 1068
Registrar Abuse Contact Email: [email protected]
Registrar Abuse Contact Phone: +1.6613102107


You need the whois anyway to figure the registrar out.
Might as well use the included abuse contact (mail & phone in this case).
legendary
Activity: 3234
Merit: 1375
Slava Ukraini!
July 06, 2020, 06:25:34 AM
#13
Best way to combat phishing websites is reporting them to google
https://safebrowsing.google.com/safebrowsing/report_phish/

Almost everyone in the world runs google chrome, or uses google. Their response is super fast as well.
Abuse report emails take too long to respond, or often go straight into trash.
No it's not. It least my experience is completely different. Reporting to Google isn't very effective, sometimes they don't react to reports at all. I remember that some phishing websites like Bitcointalk.to were reported by forum members so many times, but they never removed it.
While from my experience, hosting providers reacts quite fast and they soon shutdown phishing website.
newbie
Activity: 21
Merit: 1
July 05, 2020, 08:03:04 PM
#12
Best way to combat phishing websites is reporting them to google
https://safebrowsing.google.com/safebrowsing/report_phish/

Almost everyone in the world runs google chrome, or uses google. Their response is super fast as well.
Abuse report emails take too long to respond, or often go straight into trash.
hero member
Activity: 2842
Merit: 772
July 05, 2020, 06:13:19 PM
#11
Just sharing my experience reporting a fake website in Namecheap, usually it will take like 3-5 days before you can get a response from them or you simply won't get anything from them. Or better yet tweet them here to get attention and then see if they will reply:

https://twitter.com/Namecheap
hero member
Activity: 1344
Merit: 540
July 05, 2020, 11:36:50 AM
#10
Can you please elaborate more? Share some links perhaps to those researchers who quited reporting phishing sites because it's just a waste of time? I'm interested, because as a researchers you have to do everything in your control to help take down those malicious sites. I will be happy to read it online (if there is one).

Here's one of the prominent ones, @JAYTHL. Disappeared and no one knows where he went: https://twitter.com/NathanMcNulty/status/1267526318716903424

Because those site hosts such as NameCheap still want things to be manually spoonfed (i.e. please submit a report through our form), rather than actively taking action against those abused sites or threat actors when the malware researchers have already spent time identifying the threat names, domains involved, hash/ files and the stages.
Thanks for the link.

However, I believed that Namecheap for example has been called out, specially when cyber actors used Covid-19 themes, Domain Registrars Take Action Against Fraudulent COVID-19 Websites. Not just them, but most of the domain registrars that I put up in my first post.

Might take some time for them to take down those sites if they are reported, but I think they do listen.
hero member
Activity: 2128
Merit: 532
FREE passive income eBook @ tinyurl.com/PIA10
July 05, 2020, 10:00:05 AM
#9
Can you please elaborate more? Share some links perhaps to those researchers who quited reporting phishing sites because it's just a waste of time? I'm interested, because as a researchers you have to do everything in your control to help take down those malicious sites. I will be happy to read it online (if there is one).

Here's one of the prominent ones, @JAYTHL. Disappeared and no one knows where he went: https://twitter.com/NathanMcNulty/status/1267526318716903424

Because those site hosts such as NameCheap still want things to be manually spoonfed (i.e. please submit a report through our form), rather than actively taking action against those abused sites or threat actors when the malware researchers have already spent time identifying the threat names, domains involved, hash/ files and the stages.
hero member
Activity: 1344
Merit: 540
July 05, 2020, 09:50:30 AM
#8

Also if you find any domain providers using a phishing site for the above mentioned domains, you need to report abuse to the original site by using the form or email as mentioned in the OP.

Imagine being a malware researcher on social media and you compiled the evidences, posted them and tagged those companies involved, and yet they still requested you to submit a case/ form.

That's why some researchers quitted or just gave up reporting because they couldn't be bothered. Saw that happened to one not too long ago.
Can you please elaborate more? Share some links perhaps to those researchers who quited reporting phishing sites because it's just a waste of time? I'm interested, because as a researchers you have to do everything in your control to help take down those malicious sites. I will be happy to read it online (if there is one).
hero member
Activity: 2128
Merit: 532
FREE passive income eBook @ tinyurl.com/PIA10
July 05, 2020, 05:11:21 AM
#7

Also if you find any domain providers using a phishing site for the above mentioned domains, you need to report abuse to the original site by using the form or email as mentioned in the OP.

Imagine being a malware researcher on social media and you compiled the evidences, posted them and tagged those companies involved, and yet they still requested you to submit a case/ form.

That's why some researchers quitted or just gave up reporting because they couldn't be bothered. Saw that happened to one not too long ago.
sr. member
Activity: 2030
Merit: 356
July 05, 2020, 01:18:31 AM
#6
How can I know that a website if registered to one of those domains?
If there a tool which I can use in order to find out the domain provider of a website? Otherwise I am going to just trying to contact randomly domain providers.

Also if you find any domain providers using a phishing site for the above mentioned domains, you need to report abuse to the original site by using the form or email as mentioned in the OP.
hero member
Activity: 1344
Merit: 540
July 04, 2020, 08:55:59 PM
#5
I'm just going to bump this thread, to help those who wanted to go directly report scam/phish/fake giveaways/malicious websites related to cryptocurrencies.
legendary
Activity: 2576
Merit: 1655
May 05, 2020, 05:03:32 AM
#4
How can I know that a website if registered to one of those domains?
If there a tool which I can use in order to find out the domain provider of a website? Otherwise I am going to just trying to contact randomly domain providers.

Here, I've written a [Guide] How to find domain name registrar.
sr. member
Activity: 728
Merit: 256
May 04, 2020, 12:20:21 PM
#3
How can I know that a website if registered to one of those domains?
If there a tool which I can use in order to find out the domain provider of a website? Otherwise I am going to just trying to contact randomly domain providers.

https://who.is is your friend. Smiley
member
Activity: 980
Merit: 62
May 04, 2020, 09:09:47 AM
#2
How can I know that a website if registered to one of those domains?
If there a tool which I can use in order to find out the domain provider of a website? Otherwise I am going to just trying to contact randomly domain providers.
hero member
Activity: 1344
Merit: 540
May 03, 2020, 07:01:34 PM
#1
I collected some well known domain host company and their abuse contact. We all know that there are a lot of phishing sites registering on the below hosting company. So if you found phishing sites and they are being host on the below services, it might be better if you contact them and report the malicious website so that it will be taken offline.

It will just a couple minutes of your time, but it will help a ton to clean up the crypto-sphere.

Basically it will just ask you the basic questions: name of the site, type of violations (scam/phishing), and some notes/descriptions.


1. https://www.domain.com/

https://www1.domain.com/legal/report_spam_and_abuse.bml

2. https://www.namesilo.com/

https://www.namesilo.com/report_abuse.php

3. https://www.namecheap.com/

https://support.namecheap.com/index.php?/Tickets/Submit

4. https://www.godaddy.com/

https://supportcenter.godaddy.com/AbuseReport

Email: [email protected]

5. https://www.hostgator.com/

Email: [email protected]

6. https://www.dreamhost.com

Email: [email protected]

7. https://www.buydomains.com

Email: [email protected]

8. https://www.bluehost.com/

Email: [email protected]

9. https://openprovider.com/

https://support.openprovider.eu/hc/en-us/articles/360001725008-Reporting-abuse

Please let me know if I missed something, I will add it add to the list. Thank You.
Jump to: