Even if you take all the necessary precautions, the chances of stumbling upon a shady website are never zero.
When that happens, most of us bolt, because who wants to risk infecting their computer with malicious programs? But you shouldn’t just leave and move on.
Why You Should Report Shady Websites
If you simply leave a scam website without taking any action, it stays up and other people come across it. Many of them, it’s safe to assume, fall victim to cybercrime. This is why you should always report shady websites—and they come in all shapes and sizes.
For example, cybercriminals set up phishing sites. They emulate legitimate websites (usually their login pages) with the goal of stealing victims’ information. More often than not, links to phishing sites are distributed via email, and the message asks the target to urgently log into an account.
Then there are also scareware websites. As the name suggests, they scare the visitor into believing they have a virus on their computer and trick them into downloading a supposed antivirus program. Of course, these aren’t actual antivirus programs, but rather malware.
Fake e-commerce websites have also been popping up in recent years. These are usually well-designed sites that look like legitimate online stores, but are actually just scams and don’t even sell any products. Leaving personal information on a site like that, especially if you make the mistake of putting in your credit card number, can be detrimental to your security (and your bank account).
Naturally, cybercriminals sometimes get more creative, and design topical or seasonal scam websites. For example, at the peak of the coronavirus pandemic, it was not uncommon to encounter sites promising early vaccine access. Likewise, stimulus payment scams flooded the web around the same time.
To a tech-savvy person, none of this is mind-blowing information. But cybercriminals know that, which is why they target the vulnerable; mostly older people, who are more likely to fall for their scams. And that’s precisely why you need to report shady websites.
Where and How to Report a Scam Site
The internet is still more or less decentralized, which means it doesn’t have one governing body that handles all cybercrime. But there are still options.
How to Report a Phishing Site
If you happen to stumble upon a phishing website, report it to Google Safe Browsing. This Google service generally warns users when they’re about to enter an unsafe website, but many slip under the radar. Reporting a site is fairly simple: just paste the URL, and explain how visitors are being scammed.
If you received a link to this site via email, report the sender to your email provider. Also, consider forwarding the email to email@example.com—this is the email address of the Anti-Phishing Working Group, an international organization focused on combating this type of cybercrime.
How to Report a Scareware Site
Your options are a bit more limited with scareware sites, but there are several agencies you can report them to. If you’re in the United States, the FBI’s Internet Crime Complaint Center is probably your best bet. What you need to do is file a complaint, and explain the situation. The bureau will ask you to fill out a form and leave some information, so bear that in mind.
If you’re based in the United Kingdom, you can report a scareware site to Action Fraud. You’ll have to make an account, log in, and then file your report. If you want to receive updates, you can opt in via email. Many countries have similar agencies that handle these types of issues.
How to Report a Fake Online Store
You can report fraudulent online stores and fake e-commerce sites to the International Consumer Protection and Enforcement Network (ICPEN). This is an organization that has nearly 70 member countries and deals with all various types of online fraud.
To report a fake online store, head over to econsumer.gov and select a complaint subject. If you click the “Online Shopping/Internet Services/Computer Equipment” button, a new page will load asking you to provide more details about the scam. Once you file the complaint, you’ll get a reference number, so you’ll be able to track progress and share additional information if necessary.
If these suggestions don’t apply, or if you’re just not sure where to report a shady website, there are several other things you can do. For a start, you can always report it to its domain registrar or hosting provider. But how do you find the current registrar of a domain name, or figure out which hosting provider a site uses?
The quickest way to do this is to use Namecheap’s Whois Lookup. Type the domain name in the search bar, and hit Enter. Scroll down, and you’ll see who owns the domain, where it’s registered, which company is hosting it, and so on. Once you gather the information you need, you can go to that registrar or hosting provider’s official website and fill out a “report abuse” form.
And after you do that, feel free to report the shady site to Microsoft Security Intelligence. Paste the link, select the threats you found on the site, solve the CAPTCHA, and click “Submit.”
In addition to this, consider filing reports with anti-malware vendors. Norton has its own submission portal, where you can paste the ULR of the site in question and submit it for analysis. Kaspersky also has a similar online tool. Once an anti-malware vendor establishes the site you submitted is a scam or spreading malware, they’ll flag it and add it to their lists of blocked domains.
Do Your Part: Report Cybercrime
Reporting a fishy website probably won’t take more than five minutes of your time, but could help save someone from significant trouble. Why not do your part and help create a safer internet for everyone?
In the meantime, make sure you don’t become a victim of cybercrime yourself: install an antivirus suite, update all software regularly, set strong passwords, watch out for scams, secure your internet connection, and always check if a link is safe before opening it.