top | item 33037055

(no title)

phrz | 3 years ago

Have you considered that your service, unbeknownst to you, may have been compromised at some point in time, and the source of some phishing page or other malicious material?

Besides that possibility, if your business is truly being "destroyed," have you contemplated retaining counsel to escalate things with Microsoft?

discuss

marcosdumay|3 years ago

Does it hurt Microsoft in any way to answer those tickets with "no, your site is participating in a phishing campaign"? And maybe tell the OP how, so that he can clean the malicious material?

And yes, that is a major defamation campaign led by Microsoft against the OP. And since MS even refuses to clarify their claim about the OP's wrongdoing, I imagine he would have an easy time in a court.

Quarrelsome|3 years ago

> Does it hurt Microsoft in any way to answer those tickets with "no, your site is participating in a phishing campaign"? And maybe tell the OP how, so that he can clean the malicious material?

Ye, it tells bad actors how the detection system works.

m3047|3 years ago

This. Also: magecart for TTPs.

OTOH it might not be. LinkedIn flagged a domain I own as malware and pointed fingers at Spamhaus. Spamhaus had it flagged, but removed the flag when I objected. Their management claimed sites which they flag did something to deserve it on LinkedIn, but never said what. (There is no malware. It's just cranky, especially to bots.) I doubt that Spamhaus' intent was that someone should publicly mark it as malware for other parties though.

ryandrake|3 years ago

Yea, the first thing I would do is rigorously determine whether the problem is actually a false positive (note: not a "false flag" which is something entirely different). Seems a bit early to jump straight to "it must be a competitor."