How do I dispute my website from being reported as "unsafe"

I have been on the phone for hours with support.  It has gotten me absolutely nowhere because they have no clue what to do (which fascinates me).

My site is being reported as "unsafe", which is absolutely not true.  It does not do this to me, but to my customers who browse using MS Edge or Internet Explorer.  The message is appearing from Windows Defender.  Here's an image of it from one of my customers:

I am well aware of how people can report my site as safe when this message is up and appearing.  But that does not answer how I, as the business owner, can dispute this false report.  I have already looked through the MS FAQ link on this topic on how to dispute AND how to ensure my site doesn't have a high chance of being flagged (https://feedback.smartscreen.microsoft.com/smartscreenfaq.aspx).  Again, it's not helpful unless the message above is up.  

So how do I as a business owner dispute this?  I cannot believe that MS would not have a department for this since anyone with a personal vendetta can falsely accuse a site as "unsafe".  How do I get to the "team of graders" referenced in the FAQ site?  I am frustrated beyond belief, Microsoft.  You'll have to explain to me why you've made it so easy to report a site as "unsafe", yet seemingly impossible for the site owner to dispute it.  That's not right.  

Tim 

|
Send it in using the Feedback Hub, generate a short link, send it to me so I can bring it to the attention of the engineers.

https://windows10.help/blogs/entry/54-how-to-su...
Best regards,
Andre Da Costa
Independent Advisor for Directly

1 person found this reply helpful

·

Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

Thank you!  Here's the link: https://aka.ms/AA2lo8e

Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

Thanks, gonna vote on it and add commentary.
Best regards,
Andre Da Costa
Independent Advisor for Directly

Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

Whats the name of the feedback? Because Feedback Hub is saying I don't have access.
Best regards,
Andre Da Costa
Independent Advisor for Directly

Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

The title of it is "My site is incorrectly being reported as "unsafe"'.

Thank you again.

Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

Hi,

the screen shot is for the website demo.smartscreen.msft.net, which is the test website from MS that is used to test whether or not Windows Defender smart screen is turned on in a users web browser.

What is the address of your website?

(Please include links to problem websites with your questions here.)

Your users may have installed a third-party anti-virus program on their computers that disables their IE settings for

Tools>Internet Options>Advanced tab, "Enable Windows Defender Smart Screen"

ask them if the above setting is turned off in Internet Options. Make sure they are actually trying to reach your website with its correct address (they have an old website link in their favorites list) AND their version of windows and IE that they are using.... only IE11 is supported now.... IF they are still using Windows XP and IE8 they need to buy a new windows 10 computer... XP computers cannot support websites that use an IPV 6 IP address.

Regards.

Rob^_^ wang'you

Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

Thanks for the reply and ideas.  

The site is https://www.thedroneu.com/.  I have been able to narrow down that it for sure only happens with MS Explorer and Edge, and only when someone is trying to check out on my site.  So they go to the following link, fill out the info, click on "Place Secure Order" and that is where it happens (https://www.thedroneu.com/checkout/?rid=p6XUVs).  

I was able to replicate this yesterday once I figured this info out.  At that time, I also filed a dispute.  I still do not understand why or how this is happening.  The message said the site was reported to be "phishing", but that is simply untrue. 

If you're able to replicate it I would great appreciate you disputing it also.  Any other ideas are welcomed.  

Thanks again.

Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

Hi,

thanks for the detailed reproduction steps... this is exactly what we need to know to help you.

lets see....ok... I can't reproduce the issue because I don't have an user account, but

your smart screen warning should show the offending third-party host that is raising the warning. Did you note it down (the web address at the top of the smart-screen warning)… this is the web address we need to know.

you are using wordpress…free versions of wordpress websites may contain advertising from unknown third parties,

but

it is more likely to be the wordpress shopping cart 'plugin'/widget that you are using, since it is raised when a user submits their order request at https://www.thedroneu.com/checkout. I cannot access that page because I don't have a site account and I am not logged in.

You will need to view your source code for the page at www.thedroneu.com/checkout on your wordpress server and find out which wordpress plugin you are using there....

or

using the f12 dev tool in IE or edge or other web browser, either use the DOM Explorer tab or the networking tab to find the web address of third-party plugins used on that page....

Possibly, a user web browser plugin (a toolbar or a compromised flash version) may be involved.. you may have to run your testing web browsers in noAddons mode in order to reproduce the issue in other web browsers... stick with using IE. You can start IE in noAddons mode from Start>Run>iexplore.exe -extoff. To block ActiveX plugins (flash, Java SE) turn on ActiveX filtering (Tools>ActiveX filtering).

The bottom line.

We need the web address that you saw on your smart-screen warning.

This is likely to be the web address of your wordpress shopping cart plugin that you have installed on your server and use on your checkout page.... It may be a deliberate malware use, or the hosting address of the wordpress plugin may have been compromised.

It could still be demo.smartscreen.msft.net indicating that the attack has some sophistication and they are trying to hide their real web address.

You will need to find out.

The name and vendor details of the wordpress plugins used on your site...

or

If you have hired a wordpress developer, contact them to identify and replace the plugin with an uncompromised plugin.

It could be actually your website that has been compromised... Ask your developers to review what files they have placed on your server and their sources.

… that's all we can do on this end.

I can understand how this can be disrupting your sales and affecting your sites reputation... you must attend to this immediately, and track down and replace the offending code/plugin on your site.

Regards.

Additionally I would highly recommend that you contact your wordpress hosting provider (wildwestdomains?) or the support forums at developer.wordpress.com. They may have tools that they can use ot track down any security breaches and to 'harden' your website. You may like to upgrade your hosting plan to remove any third-party advertising.

your site dns record can be viewed here -

https://centralops.net/co/DomainDossier.aspx?addr_lkup=1&dom_whois=1&net_whois=1&dom_dns=1&traceroute=1&svc_scan=1&addr=www.thedroneu.com

the site security certificate has a long list of aliases. It appears that your hosting provider has bundled your certificate chain to a large number of other third-party sites.

Rob^_^ wang'you

1 person found this reply helpful

·

Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

Thanks again for all the info.  I'll contact my Developer about what you're saying.

Here's a screenshot of the warning.  I'm not seeing anything indicating where the report originated.

Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

Hi,

the phishing report says www.thedroneu.com is the reported phishing domain, your whois record shows 4 IP addresses for that conical name. Updated Date: 2018-09-04T16:42:10Z

https://centralops.net/co/DomainDossier.aspx?addr_lkup=1&dom_whois=1&net_whois=1&dom_dns=1&traceroute=1&svc_scan=1&addr=www.thedroneu.com

You should ask what was changed by your hosting provider (or web master) on 9/4/2018... The site certificate chain has thedroneu.com listed in the alternate addresses. I am no expert, but I would expect *.thedroneu.com not thedroneu.com

Regards.

Rob^_^ wang'you

Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

 
 

Question Info


Last updated June 12, 2021 Views 1,558 Applies to:

Related Forum