Jump to content - gmass.co


Recommended Posts

Hi there,

My website, hxxp://www.gmass.co, is an email marketing plugin for Gmail and G Suite.

This morning I have users telling me that Malwarebytes is blocking access to the site, declaring it malicious. Because GMass is an email marketing tool, we do handle click-tracking redirects and occasionally a phisher will use GMass to redirect to a phishing form. We disable the redirects when we become aware of them. 

If you know of a redirect from GMass to a phishing form, please let me know and I will disable the redirect right away.

Still though, can you tell me what I need to do to get gmass.co off your blacklist?

Screenshot 2017-03-09 10.41.28.png

Link to post
Share on other sites

To the Malwarebytes admins:

I did just notice a bunch of abusive users using GMass to send emails with a link to a Gmail phishing site, where they were attempting to collect Gmail logins.

I just disabled 120 user accounts, which will also disable their click-tracking redirects.

I hope you can see that the problem has been resolved on my end and will unblock my IP.

Link to post
Share on other sites

Thanks for the additional link: https://www.virustotal.com/en/ip-address/

I've examined that as well. We have our users set up their own tracking domains and CNAME them to gmass.co, which is why so many domains are listed under "Passive DNS Replication" and "Latest Detected URLs".

Still though, none of those URLs are currently malicious and I believe I've disabled all redirects to malicious content.

Can anyone point me to a single URL on my server that is still malicious?

Link to post
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.