Flagged as Phishing :(
-
@MooCloud_Matt SmartScreen (Microsoft) and Google have now picked it up. I disabled sign ups (sad) and replied again that I've disabled signups, but not sure what else to do other than change the URL.
-
@robi Yeah, I'm not stressed as I'm confident in my position and just did a scan of the container and all is well. I did disable registration but there's no way to hide the registration button itself per VaultWarden (it just prevents it from happening). Offered to move the URL, not sure what else to do so as to keep me from getting bounced by NameCheap.
-
@doodlemania2 could it be that:
- there are self registered "users" you don't know
- that these users use your Vaultwarden Send to send spam maybe even with ("phishing") attachments?
I think it's good to have a look at the users and their Sends?
-
Is it possible that they assume that a "malicious" Vaultwarden tries to impersonate itself as the "benign" Bitwarden, i.e. they believe someone created a malicious version of Bitwarden to lure people in giving up their passwords?
-
@necrevistonnezr said in Flagged as Phishing :
Is it possible that they assume that a "malicious" Vaultwarden tries to impersonate itself as the "benign" Bitwarden, i.e. they believe someone created a malicious version of Bitwarden to lure people in giving up their passwords?
lol, just send them the github link and other news links describing what it is?
-
@robi @necrevistonnezr - yeah that's my guess, I did send them the GitHub information and confirmation that I wasn't phishing and they closed the "we are about to suspend you" case but it's still flagged in virustotal. Filled out some forms for Google Safe Search and Microsoft SmartScreen, we'll see.
Vaultwarden should replace the big Bitwarden logo IMO
-
In Cloudron --> Vaultwarden app settings --> Security --> Robots.txt, I have "disable indexing" saved. Maybe this could help you.