"It's a trap! Reported phishing or malware site" : who?

[dane]

Because Fusion is an open platform serving 10+ ISPs so far, we can't brand the page - everyone's customers get the same page.

[ankh]

Aside, I just saw a news story about Google's DNS being misdirected to Argentina recently that mentioned that only a few ISPs have bothered installing secure DNS, and it didn't name them. Worth promoting!


spelling aside, I'd have reported mousetrapped pages if I'd seen something identifying Sonic
like (spelling aside) the suggested
<blockquote> note like "Mallware filtering provided by SonicCoServices under contract"</blockquote>
appear along with the mousetrap.

I haven't reported the mousetrapped pages I've seen because I wasn't sure who'd get the report.

Heck, I didn't know if the -mousetrap- might be phishing to get a reply!
These days, life is confusing.

I can see reasons to hold off, since adding more info is a level of complication yet to be added.

I imagine you'd rather have the individual user's ISP identified -- presumably they'd not be happy to have their customers contacting Sonic, and you don't want to be fishing off their pier.

(Maybe morphing and stretching a little Sonic logo so it appears to be painted on the mousetrap board -- an image that your own users can recognize, but other ISPs' customers will just see as an odd graphic logo? )

[virtualmike]

Because Fusion is an open platform serving 10+ ISPs so far, we can't brand the page - everyone's customers get the same page.

But perhaps the page could state "by your Internet service provider" and provide a generic, non-branded link that explains more about the process and directs people to contact "Customer Service"?

[dane]

Because Fusion is an open platform serving 10+ ISPs so far, we can't brand the page - everyone's customers get the same page.

But perhaps the page could state "by your Internet service provider" and provide a generic, non-branded link that explains more about the process and directs people to contact "Customer Service"?

That's a key point I should make clear: if someone hits a phishing site, as happens thousands of times per day, we don't want to trigger a call to customer service. Spammers and those spreading viruses and running bot nets already cost us and our members a huge amount of financial and time resources. In the end, it all results in higher costs of service for everyone.

[ankh]

Agreed, definitely don't bother customer support at Sonic about those, y'all can't fix them.

I sometimes contact the owners of a site, if I know it's a real person's page, to tell them their site's not reachable because it's blocked and, if I can tell them whose blocklist they're on, how they can find out more.

Google has 'webmaster tools' as a contact for their blocklist.
Of course there are no human beings doing support at Google
because they rely on their customers talking to each other and reading the documentation posted.

[virtualmike]

That's a key point I should make clear: if someone hits a phishing site, as happens thousands of times per day, we don't want to trigger a call to customer service.

Fair enough. Instead of directing people to contact Customer Service, offer a link to a FAQ on phishing, scamming, and other 'net risks.

[digitalbitstream]

That's a key point I should make clear: if someone hits a phishing site, as happens thousands of times per day, we don't want to trigger a call to customer service. Spammers and those spreading viruses and running bot nets already cost us and our members a huge amount of financial and time resources. In the end, it all results in higher costs of service for everyone.

I don't ask you to take a CS call.

I do ask you disclose who did the blocking, and why.
Was it the NSA that blocked it? It's the trap trap actually a trap? Was it google? Right now nobody knows.

The current setup is morally incorrect: blocking without disclosure. With disclosure, and a FAQ, it should be all good.

[ankh]

I'd suggest a message like this:

_________
One of a large and varying number of different blocklists warned this link is bad.
You can check a link by searching using one of these tools to find
out which blocklist is flagging it:
https://www.google.com/search?q=how+to+ ... klist+site
-------------

Seriously, guys, there are so many different ways a link can be flagged, and each of the different ISPs using Sonic's service will have subscribed to their own choices of blocklists -- which can change at any time.

They'd have to keep a current list, and forward that to Sonic, and amend it to specify which one flagged an IP.
No chance.

But -- you can look this stuff up.

All Sonic might add is a little help for those who don't understand how to look it up for themselves.

[HELP]

Hi,
My office has been trying access our cloud database page http://www.cubby.com and every time we try to load the page we get "It's a trap! Reported phising or malware site." This is a legitimate website and we haven't access since Thursday last week. The page loads perfectly with internet providers that is not Sonic, so Sonic is doing something to block access to cubby. I already filed a report yesterday, I REALLY NEED TO ACCESS this website.
Please help me as soon as posible

[virtualmike]

I just tried and got the same thing. There's a "Tell Us" button at the bottom... perhaps reports there get routed to the NOC faster than reporting here?