Scroll Top
  • Home
  • Articles
  • What to do when your app is wrongly classified as a phishing attack

Table of Content

What is a False Positive?

Using VirusTotal and URLVoid to Check for Phishing Flags

Contacting Security Vendors to Report False Positives

Preventing Future False Positive Classifications

Conclusion

ARTICLE

What to do when your app is wrongly classified as a phishing attack

In the digital world, trust is paramount. Atfinity recently faced a challenge when their app was wrongly classified as a malicious phishing attack. Our swift action resolved the issue quickly, however it took us a while to do so. Our situation highlighted to us once more the importance of proactively checking and addressing false phishing classifications for our web apps. With this blog post, I would like to guide you through the process of checking for false phishing classifications and how to resolve them.

Share

What is a False Positive?

A false positive in cybersecurity refers to the incorrect identification of a legitimate website or app as malicious. False positives can mean users cannot access your app and damage your reputation. It’s crucial to address these issues as soon as possible. This is often easy: It’s also good to understand false positives also harm the reputation of the phishing database. If they have many false positives, users stop trusting their judgement. So it’s usually straightforward to report a false positive to them.

Using VirusTotal and URLVoid to Check for Phishing Flags

Two powerful tools to check if your web app has been flagged as a phishing attack are VirusTotal and URLVoid. These platforms aggregate data from multiple security vendors, providing comprehensive insights into the security standing of your online presence.

To use VirusTotal or URLVoid, visit their respective websites, enter your website’s URL, and review the results. If flagged by one or more security vendors, it’s crucial to address these issues immediately.

Contacting Security Vendors to Report False Positives

Resolve false positive classifications by contacting each security vendor that has flagged your website or app separately. Different vendors have different requirements for reporting false positives, so follow their specific guidelines.

When contacting security vendors, consider these tips for effective communication:

  State your credentials: Say who you are and why you are reporting this.

  Be clear and concise: Clearly state that your web app has been falsely classified as a phishing attack and that you would like a reclassification.

  Provide evidence: Offer any evidence that supports your claim, usually a short but concise explanation of your web app’s purpose and functionality.

Preventing Future False Positive Classifications

To minimise the risk of future false positive phishing classifications, there are a few things you can do:

  Inform your users: If your page is an app, consider adding a short text on your login informing users what they are logging into. By doing so, you can alleviate any concerns visitors may have and provide a clear course of action in case they do end up on your web app login accidentally.

  Monitor your online reputation: Regularly check your web app’s security standing using tools like VirusTotal and URLVoid.

  Stay up-to-date with cybersecurity trends: Ensure that your web app remains secure and compliant with industry standards. Keep in mind that some websites are actually taking over and constitute a real attack. Keeping your website secure will make it harder for hackers to take over your website.

Conclusion

The steps shown in this article represent a pragmatic and efficient approach to addressing false positive phishing classifications: Monitor your web app regularly to know if anything is wrong before your users do. If you are flagged falsely, report the false positives to all security vendors that flagged you. Even better, lower the risk of false positives by clearly telling users what they are logging in. As always, also keep your web apps secure to prevent actual attacks. Act promptly to safeguard your online reputation and ensure that your web app remains untarnished by unwarranted phishing flags.

Share

Join the Future of Banking

Book your demo today and see why leading financial institutions
worldwide trust Atfinity to drive their digital transformation.

Join the Future of Banking

Book your demo today and see why leading financial institutions worldwide trust Atfinity to drive their digital transformation.

Leave a comment

Privacy Preferences
When you visit our website, it may store information through your browser from specific services, usually in form of cookies. Here you can change your privacy preferences. Please note that blocking some types of cookies may impact your experience on our website and the services we offer.