Welcome on Phishing-Initiative website (hereafter referred to as the “Site”)
This Site aims at helping fight fraudulent websites misappropriating the identity of a company or administration. It allows its user to submit alleged phishing website’s addresses he identifies, so that they can be sent over to the CERT Orange Cyberdefense’s qualified teams for analysis.
The final goal consists, where necessary, in undertaking relevant countermeasures to block confirmed fraudulent websites.
1 Website editor
chez Orange Cyberdefense
54 place de l'Ellipse
Publishing editor: Jérôme Robert
Hosting provided byOVH SAS
Head office : 2 rue Kellermann - 59100 Roubaix - France
RCS Roubaix – Tourcoing 424 761 419 00045
The use of all processes or methods, be it individually or collectively, with the aim or effect to hindering or attempting to hinder the proper functioning of the Site, for instance, by slowing down its performances, its features or accessibility to other users, penetrating or attempting to penetrate in Information Systems or programs pertaining to the Site, by any means (Denial of Service, penetration, and/or fraudulent maintenance, etc.), may likely result in civil or criminal liability of the concerned user, in particular pursuant to the Articles 323-1 and followings of the French Penal Code.
PHISHING-INITIATIVE and its directors or employees may not be held liable for any damage from a connection to the present Site, except in case of wilful misconduct, duly proved and established by final court ruling.
3.1 Non-Confidentiality of Internet Sent Messages
Because e-mail communications based on the Internet, or upon accessing an Internet website such as this Site are not, by default, secure, PHISHING-INITIATIVE may not be held liable for any, unintended or intended, interception by a third-party of the message(s) or data provided to PHISHING-INITIATIVE by a user of this Site, be they transmitted via the Internet to the Site or to an e-mail address mentioned on the Site and belonging to PHISHING-INITIATIVE.
3.2 Hyperlinks to Third-Party Websites
PHISHING-INITIATIVE may provide links to websites independent from Phishing Initiative’s Site. PHISHING-INITIATIVE does not edit or control these sources, the content of these sites or their embedded links to other sites.
The links to these third-party websites do, in no way, imply that PHISHING-INITIATIVE approves, confirms or agrees with the content of these sites, nor do they imply a partnership between PHISHING-INITIATIVE and the owners and/or authors, designers, organisers, managers, or hosts of such sites. PHISHING-INITIATIVE shall then not be held liable for the content, products, services, use of data (particularly personal data), publicity, cookies, IT codes, or any other elements pertaining to these sites, nor for any damage or loss, caused or alleged to be caused by, or arising in connection with, the use of information, services, or data available on these sites.
3.3 Liability as Regards to the Site’s Content and Services
The Site enables you to access Phishing Initiative’s services; it may provide you with information to do with Phishing Initiative, PHISHING-INITIATIVE and its project partners, their activities, or their services.
These information and services are intended for informational purposes only. PHISHING-INITIATIVE does in no way guarantee the relevance, update or completeness of the information conveyed and/or available services and shall in no way be held liable for this information, suggestions, content or services, nor for the decisions made based on, or influenced by, such content or services. Likewise, PHISHING-INITIATIVE’s answers to the questions it is being asked online by a user, are only intended for informational purposes, and do not constitute pieces of advice. Therefore, PHISHING-INITIATIVE cannot be held responsible for any of these answers.
PHISHING-INITIATIVE does not guarantee that the Site, the Site’s access servers and/or the third-party websites accessible through herein provided hyperlinks, are exempt from viruses or other components likely to cause damage to goods or individuals.
PHISHING-INITIATIVE disclaims all warranties, whether express or implied, as regards to the use or resulting use of the elements available through the Site. PHISHING-INITIATIVE shall in no way be held liable for any loss of data or any damage incurred in relation to the data dealt with by the user in the Site, or the services, or IT means proposed by the Site. Any information or advice provided by Phishing Initiative shall not be considered a guarantee of any kind likely to incur the liability of PHISHING-INITIATIVE.
4.1 User’s Commitment
The user commits not to purposely submit URLs pointing to content that would be irrelevant to this site’s goal:
- promotional or information website belonging to a legitimate organisation,
- revisionist website, (child) pornography, e-gaming, etc.
All pointedly abusive use of the tool might cause restrictions or ban of the users identified by the Site’s administrator.
In order for his submissions to be accepted, the user needs to provide the suspicious URL and a valid e-mail address, and then enter the CAPTCHA displayed below the submission field.
The authorized URL format consists in the following elements:
The user may provide any valid e-mail address, such as:
Also, a simplified processing system (automatic submissions and validations, for instance) might be set up for specific individuals or organizations.
4.2 Phishing-Initiative’s Actions
Systematically applied countermeasures whenever a URL address is identified by our teams as a phishing URL consist in:
- sending the incriminated URL to partners, so that this address can be blocked in the following browsers:
- Internet Explorer v8+
- Safari v2+ / Chrome v1+ / Firefox v3+.
Depending on the specific case or phishing victim, the report may be sent to:
- service providers in charge of the fraudulent Web pages (host, DNS operator, etc.) as to the presence of this content on their servers;
the targeted public or private organisation, the name of which/whom has been misappropriated;
local or international law enforcement forces;
public or private CERTs/CSIRTs teams, referenced or not in trusted networks such as the TF-CSIRT or FIRST.
For all questions, please contact us via this form: Contact.