Jump to content

false positive - webmail.widomaker.com

Widomaker

By Widomaker
in Firefox

Recommended Posts

Widomaker

Widomaker

Posted
Posted (edited)

Hello,

Our customer has reported that Browser Guard blocks our legitimate Webmail address 

https://webmail.widomaker.com/

with the error... 

Website blocked due to phishing
Website Blocked: webmail.widomaker.com

v2.6.17 | Heuristics: phishing
Malwarebytes Browser Guard blocked this page because it may contain malicious activity.

Our Webmail page is frequently impersonated by phishing sites, but this 

https://webmail.widomaker.com/

is the legitimate Webmail address.  It is hosted by  

https://help.opensrs.com/hc/en-us/articles/18238199196955-Contacting-customer-service

and is white-labeled for our domain.

I'm curious what heuristics would cause our site to be flagged.  Any details will be appreciated.

Please whitelist or advise us how to resolve this for our customers.

Best Regards,
Bob

2024-02-08 15_36_41-Blocked by Browser Guard — Mozilla Firefox.png

Edited by AdvancedSetup
Disabled hyperlinks
Link to post
  • 1 month later...
JWS

JWS

Posted
Posted

I believe they have introduced this as there are many false pages that purport to the cPanel Webmail pages that are being used by spammers to collect data through phishing emails and there is no way to differentiate between the real pages and the false pages. I have tried to get them to work out how to allow legitimate webmail pages to be used but was not successful. All they can do is if you contact them with a list of the websites that need to use webmail they will whitelist them so they are not caught by this trap.

Link to post
  • Staff
blender

blender

Posted
  • Staff
Posted

Hello,

Thanks for the report. Site shouldn't be blocked anymore. Give it about 1/2 hour then try again. If still blocked, you may need to update Browser Guard database.
How to if needed:
Click BG icon in browser toolbar > 3 dots beside settings gear > support > check for database updates.

Because I don't have an account on that site, I couldn't try logging in to reproduce what you saw. If you can grab me some logs, that would be great.
Click BG icon in browser toolbar > 3 dots beside settings gear > support > Download debug logs.

Best to zip before attaching as it is usually about 5MB.

Thanks!

  • Thanks 1
Link to post
Widomaker

Widomaker

Posted
  • Author
Posted
12 hours ago, blender said:

Hello,

Thanks for the report. Site shouldn't be blocked anymore. Give it about 1/2 hour then try again. If still blocked, you may need to update Browser Guard database.
How to if needed:
Click BG icon in browser toolbar > 3 dots beside settings gear > support > check for database updates.

Because I don't have an account on that site, I couldn't try logging in to reproduce what you saw. If you can grab me some logs, that would be great.
Click BG icon in browser toolbar > 3 dots beside settings gear > support > Download debug logs.

Best to zip before attaching as it is usually about 5MB.

Thanks!

Hello.  Thanks for your reply.  This was posted on Feb 8th.  I assumed someone already whitelisted us because the issue stopped within a day or so of posting here.  Maybe not and it stopped being blocked for some other reason.  In our case, the login page was completely blocked and wouldn't even appear.

Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.