Phishing Reporting Guide

    How to Report a Phishing Website

    Browser warnings stop some victims. Infrastructure takedowns stop the attacker. This guide covers both, in the right order.

    The 4-Step Phishing Takedown Workflow

    Step 1

    Preserve the phishing URL

    Copy the full URL: including subdomain, path and query string. Do not click any links inside the page. If the link came from an email, save the raw email source so the headers survive.

    Step 2

    Capture page evidence

    Take a screenshot of the phishing page. If safe to do so from an isolated browser, save the rendered HTML. The Blackwall Evidence Vault produces a SHA-256 sealed snapshot for legal-grade archiving.

    Step 3

    Submit the report

    File the case with a takedown platform that contacts the hosting provider and registrar. In parallel, notify Google Safe Browsing and APWG so browser warnings appear within hours.

    Step 4

    Confirm the takedown

    Once the host removes the page, the report is closed and added to the public Wall of Neutralized Threats. Pro plans automatically follow up if the host has not responded after 24 hours.

    Where to Report a Phishing Site

    File reports in parallel: block-lists, infrastructure takedown, and law enforcement each cover a different layer.

    Blackwall
    Takedown

    Forwards verified phishing cases to the hosting provider and registrar with evidence attached. Pro plans add automated 24-hour follow-ups.

    File on Blackwall

    Google Safe Browsing

    Browser-level interstitial warnings in Chrome and Gmail. Fast, free, and runs in parallel with infrastructure takedowns.

    safebrowsing.google.com

    APWG

    Anti-Phishing Working Group aggregates intelligence and feeds many browser block-lists. Forward suspicious emails to reportphishing@apwg.org.

    apwg.org/reportphishing

    National CERTs (EU / DACH)

    CERT-Bund (DE), CERT.at (AT) and NCSC (CH) handle phishing reports targeting national infrastructure. Useful when banks or government services are impersonated.

    bsi.bund.de · cert.at · ncsc.admin.ch

    Frequently Asked Questions

    Spotted a phishing page?

    File the case in under two minutes. The Blackwall team handles the host correspondence and keeps you posted as the page is taken offline.

    Cookie Notice

    We use cookies to ensure the functionality of our website. Necessary cookies are required for operation. Optional cookies help us improve our services. For more information, see our Privacy Policy.