Solved

How to report a Malicious URL without having WSA installed

  • 28 February 2013
  • 38 replies
  • 637 views

Userlevel 4
How do I report a malicious URL without having WSA installed? I had to uninstall WSA due to incompatibility. I have a phishing URL using Social Engineering. It's a fake FB login Screen that was sent to me. Someone on my friend list sent me an email saying I wouldn't believe who got video taped going to the bathroom lol Once you click on this link it takes you to the fake FB login page. Some of my friends have already fallen victim to this. It looks really convincing to the untrained user. It looks just like the real FB login screen.
icon

Best answer by JimM 28 February 2013, 19:07

View original

38 replies

Userlevel 7
I am not positive, but I believe the best way would be to Submit a Trouble Ticket
Userlevel 7
Badge +56
Send the link to the Support inbox and that should do it!
 
Thanks,
 
TH
Userlevel 7
I stand corrected... and the correct method duly noted :D
 
Thank you TH! 
Userlevel 7
Badge +56
@cuttingedgetech wrote:
How do I report a malicious URL without having WSA installed? I had to uninstall WSA due to incompatibility. I have a phishing URL using Social Engineering. It's a fake FB login Screen that was sent to me. Someone on my friend list sent me an email saying I wouldn't believe who got video taped going to the bathroom lol Once you click on this link it takes you to the fake FB login page. Some of my friends have already fallen victim to this. It looks really convincing to the untrained user. It looks just like the real FB login screen.
Also you should find out why you are having a incompatibility issue so you could ask them to look into that also.
 
TH
Userlevel 7
Badge +56
@DavidP wrote:
I stand corrected... and the correct method duly noted :D
 
Thank you TH! 
Same Idea as you David you just posted before me! ;)
 
Daniel
Userlevel 4
I will send it to them by their support inbox, but I don't expect they will get it in a timely manner that way. Also, Webroot has already addressed the incompatibility issue.
Userlevel 4
When I opened the support inbox it opened the same ticket I started months ago about the incompatibility issue I was experiencing. They may never get it. I had to use that ticket to send them the malicious URL
Userlevel 4
Thanks for the Help Tripple Helix!
Userlevel 7
They will get it.   By default, if a previous trouble issue was not 'hard closed' out, the system does bring you to the previous ticket.  That will not affect nor delay the Support staff receiving your bad URL submission.
 
Thank you for submitting it!
 
Userlevel 7
Badge +56
@cuttingedgetech wrote:
Thanks for the Help Tripple Helix!
They will get it and your Welcome! ;)
 
Daniel
Userlevel 4
Are we allowed to post the URL here? It's only a phishing site with no infection detected on the page. Their just using Social Engineering to fool users into believing their page is the actual Facebook login screen.
Userlevel 4
Ok, thanks DavidP!
Userlevel 7
Badge +56
No but you can send it to me via PM.
 
Daniel
Userlevel 4
Ok, I just sent it to you. I was going to send it to Eset to, but they never replied to my post at Wilders so I guess Webroot will have the priveledge of detecting it first lol
Userlevel 7
Badge +56
Thanks as it`s not being detected by the Web Threat Shield so thanks for submitting to support! ;)
 
Daniel
Userlevel 6
Cuttingedgetech, have you tried running a good malware program to clear things up?  MBAM?  SAS?  Both?  They are both freeware, so it may be worth a shot!
Userlevel 4
I don't have an infection. I'm just reporting a phishing site.
Userlevel 4
No problem Tripple Helix! I can't wait to get my test machines back so I can start find some Malware samples, and pages with exploits to report. .
Userlevel 7
Badge +56
I checked a few places and it comes back clean? I have sent you a PM!
 
Daniel
Userlevel 4
I mean pages using exploits to deliver their payload. I dont' see an option for editing post. Humm..
Userlevel 6
Well then, since it's a FB knockoff, maybe you want to get the FB spoofing email address and report it to them.
 
Incidentally, is it possible your email list has been hacked?
Userlevel 4
I don't see an option for reporting links on FB anymore. I had a long day at work today. I'm beat. Everyone have a good night or day depending on where you are!
Userlevel 7
Badge +56
@cuttingedgetech wrote:
I mean pages using exploits to deliver their payload. I dont' see an option for editing post. Humm..
Check for another PM but we will leave it upto the support team to deal with it!
 
Thanks,
 
Daniel
Userlevel 7
It looks like the support case was resolved in about an hour and a half via the support system.  Just as a point of clarification - the support system looks like one long conversation rather than individual "tickets."  However, your prior case was already resolved, so there was no confusion generated by discussing a new issue.  In fact, that's normal.  :)

For URL reputation change requests in WSA or WSA-Business Endpoint Protection, the support system is the best channel to reach out to us to have the reputation changed.

For URL reputation change requests in WSA-Mobile or WSA-Web Security Service, the support system is still a good choice, but you could alternatively look up the site via BrightCloud and use the change request link on the left side of the results page.
Userlevel 7
Thanks Jim! That is good to know about the alternate method for the Mobile versions! (Bookmarked)

Reply