Is your site a Phishing site?

[speed]

This morning I received an email from a potential customer saying that when they arrived at the checkout IE7 flagged my site as a phishing site.

Needless to say they headed the warnings and didn't pay.

I've installed IE7 RC1 on a clean install of Windows XP and tested the site, sure enough IE7 RC1 declares it as a potential phishing site.

I've checked others of my sites that are using the exact same checkout and they have not been flagged as phishing, so it's not a coding problem. I've also looked at a few friends sites and low and behold some of them are also showing as phishing sites, like me they were completely unaware of their sites as being flagged.

I know for sure that I've lost one customer today and while IE7 is only a release candidate the number of people using it should be low, however once it is released it will be an automatic update for SP2 users as I understand it, therefore how many customers will I loose.

Not to forget the potential damage to my sites and my reputation.

I've reported the mistake to MS but so far no word.

Have you checked your sites in IE7 with the phishing filter enabled, if not I would?

Does anyone know how to avoid a site being flagged?

[aviator67]

From the phishing filter help:
-------------------------------
If you believe that a website has been mistakenly flagged as a phishing site, do the following:

To report errors to Microsoft

In Internet Explorer, go to the website that is inaccurately being reported as a phishing website.
Click the Tools button, click Phishing Filter, and then click Report This Website.
Use the webpage that is displayed to report the error.

[speed]

Thanks, however Microsoft removed the incorrect designation, I’ve received their emails confirmation emails a few minutes ago.

My biggest concern though is if you don't check your sites you don't know you have a nice big window stamped on it saying "Suspicious website ..... Microsoft recommends that you do not give any of your information to such websites".

As it appears anyone can vote against your site and as you get no warning of it, there’s now another job of periodically checking to see if your site is/is not on the black list. Worst of all you seem to have to go page by page to find if the site is flagged.

In my case it was a payment page that was flagged not the rest of the site, therefore a cursory look would not have revealed the problem.

[remccain]

As it appears anyone can vote against your site and as you get no warning of it, there’s now another job of periodically checking to see if your site is/is not on the black list. Worst of all you seem to have to go page by page to find if the site is flagged.

That's just nuts. You mean *ANYONE* can flag *ANY* site as a phishing site and it warns everyone using MSIE 7?

Oh... wow...

Bwahahahahaaaaaa!

My competitors are going to lose *SO* much business >:)

Seriously though, does anyone else think that this 'feature' of MSIE is a bad thing?

[Siruis]

Only one thing left to do.
Everyone vote against MSN.com :)

[geotex]

Here is a link to microsoft to get a white paper on what and how (more or less) the Phishing Filter works.
www.microsoft.com/downloads/details.aspx?familyid=B4022C66-99BC-4A30-9ECC-8BDEFCF0501D&displaylang=en

[ManagedLinks]

this is typical of microsoft they only know how to do things badly.

Hotmail uses a similar user vote system, the stupidity is if your email is incorrectly flagged as possible spam and then the user empties the junk mail folder their system asks "report all items as spam?" which most users will do without bothering to actually check each email. hell its in the spam folder so it must be spam.

This becomes a vote against your site.

I had long discussion with staff about this problem they are totally unable to comprehend the problem mainly because they are like most support staff totally clueless. and if the boffins say its ok what would a stupid website owner know.

They assured me their system was flawless, and at exactly the same time could not explain to me why my emails continue to go to the junkmail folder even though they saw no errors with my mail system including the spf records they requested I implemented.

In other words microsoft doesnt have a clue. the trend continues

Vote with your feet people.

[Skywoolf]

Personally I would encourage all sites to start blocking access to IE and say why (poor security, non-www standards problems, damage to business, etc.)

It is about time people stopped being bullied (conned) by microsoft. There has been far too many problems caused by IE that are damaging to web sites and users.

[jambadeaux]

Here my understanding and intenions.

Rightfully so Microsoft doesn't like the bad guys. And it seems they have good intenions with the philosophy, "don't trust anyone further than you can throw them". That's all great, but I don't think they wlll fix the problem until they start having to defend themselves. Generally I don't even us IE but I intend to get this IE7 and vote against Microsoft. Even though for all intensive purposes I think their intentions are good, they just have to figure out a better way to accomplish their goals.

[Clint1]

I smell yet another Class-Action Lawsuit against the "geniuses" at M$ because of this. I for one will START the Lawsuit if IE7 is erroneously tagging any of my sites.

I, like most everyone else here is appalled by these scamming type sites and I think they (along with spammers) should get the "death penalty". I applaud the M$ "effort" to do something about it, but this is NOT THE WAY; harming the businesses and livelihoods of legitimate businesses.

I'm going to have someone using IE7 check my sites ASAP. Thanks for the post.