How to fix a new domain flagged as phishing or malicious by antivirus software

Quttera Webdivo Scan Result
By:Adit MB

Launching or rebranding your business is an exciting journey. You’ve chosen the perfect name, secured the .com domain, and even designed a sleek website. Naturally, you’re eager to share it with friends, clients, and online communities, right?

But then, you hit a snag. You find out that your new domain is flagged as phishing or malicious by antivirus software. Imagine the frustration. This happened to me, and I’ve learned a few things along the way that might save you some headaches.

Key Takeaways:

Where to check if your domain is flagged as phishing or malicious

After re-launching my website, everything seemed perfect — until my friends told me they couldn’t access it. Their antivirus software flagged it as malicious. Naturally, I freaked out.

I immediately ran a few scans using popular security tools, and guess what? They all cleared my site. It wasn’t until I checked VirusTotal that I could see which antivirus companies had flagged my domain.

Virustotal Webdivo Before
Virustotal Webdivo Before Submitting False Positive

What to do next? Scan your website with reputable security checkers

Even though I was confident my site was clean (I didn’t use nulled plugins or sketchy scripts), I still needed confirmation. So, I ran security checks with these trusted services:

  1. Sucuri: A well-known security service, especially for WordPress. They offer a free malware scanner and plugin.
  2. Quttera: Another solid choice for free malware scanning. Their tool is quick and easy to use.
  3. PCRisk: A recommendation from my Telegram group. It’s a hidden gem for website security checks.

If your site shows up with malware or other security issues, fix them first before moving on to the next step. If you’re not sure how, consulting a professional is a good idea.

Sometimes, when things are already bad, rebuilding your website might be a cheaper and better option than trying to fix the malware.

Sucuri Webdivo Scan Result
Sucuri Webdivo Scan Result
Pcrisk Webdivo Scan Result Copy
Pcrisk Webdivo Scan Result

How to report false positive to anti virus companies?

A false positive occurs when an antivirus flags your website as malicious, even though it’s clean. It’s like an alarm going off when there’s no fire. This happened to me, and probably to you, too.

The good news? VirusTotal makes it easy to reach out to antivirus companies to report a false positive. Here’s how you can do it:

  • Find the Antivirus Company: VirusTotal will show you which specific companies flagged your domain.
  • Contact them: Some companies accept submissions via email, while others have a form specifically for false positives.

False positive submission email example

To help you get started, here’s an example email template I used to contact the antivirus companies:

Pro tip: Use the domain’s email for the submission to prove ownership and attach the clean-scan results in the email/ form.

Subject: False Positive Flagging of [your domain] as [Phishing / Malicious] – Request for Review

Dear [Anti Virus Company] Team,

I hope this message finds you well. I am writing to request a review regarding the flagging of my domain, [your domain], as suspicious on your platform. This flagging was detected through VirusTotal and seems to be a false positive.

I have conducted thorough security scans using multiple reputable services, including PCRiskQuttera, and Sucuri, all of which have confirmed that my website is clean, secure, and free from malware or any suspicious content.

Given the clean results from these scans and the absence of any malicious activity on my site, I kindly request that you review and remove the malicious warning associated with [your domain].

If you need any further details or documentation to facilitate the review, please feel free to reach out. I greatly appreciate your prompt attention to this matter.

Best regards,
[Your Name]
[Your Company / Domain Email]

The results after 48 hours: It works!

After submitting my request to have the false positive reviewed, I didn’t expect a fast turnaround. But 48 hours later, I checked VirusTotal, and the results had improved from 8/96 to 2/96 (it was 1/96 before I refreshed the page!). That’s progress!

I’m not fully satisfied just yet, so I’ll continue reaching out to the other antivirus companies until my domain is 100% clean. My goal? 0/96 — no more flags, just a clean reputation.

Virustotal Webdivo After
Virustotal Webdivo After Submitting False Positive

Update: December 5th, 2024

Finally it paid off. I’ve got clean results in VirusTotal and now my website is clear from false positive threats.

Virustotal Showing Clean Results
Virustotal Showing Clean Results

Final thoughts: Stay persistent and be patient

Dealing with a new domain flagged as phishing or malicious can be frustrating, but it’s something most of us will face at some point. The key takeaway here is to stay persistent and use reputable tools to show that your website is clean.

I’ll keep you updated on my progress, but in the meantime, I hope this guide helps you avoid the same mistakes I made and get your site back in good standing.

If you’re facing this issue, don’t panic — you’ve got this!

Adit MB

WordPress web developer from Indonesia with a background in technology. I create fast, responsive, and SEO-friendly websites that help businesses succeed.

Adit MB, Co-Founder of Webdivo

Leave the first comment