False Positive | #1097

Closed
showard-cyber opened this issue Feb 4, 2025 · 5 comments

Comments

@showard-cyber

What are the subjects of the false-positive (domains, URLs, or IPs)?

https://www.virustotal.com/gui/url/9ae61e290a19422132e7c46e06b64237a3f730d697fec79b30c5b786537037b3/detection/u-9ae61e290a19422132e7c46e06b64237a3f730d697fec79b30c5b786537037b3-1738683024

https://supucansign.na4.echosign.com/public/resend?tsid=CBFCIBAACBSCTBABDUAAABACAABAAm5eac-rK-_6GYsfkIdd4bj-tG9kJf_bYTPKLeaxyAdcfzqVTeKu_6Om9HvXdIy0kgn9cFuR3RNm88fvN1CzunN64EOebr1AltN75sqv4nS0UiOGIiv6ehFEU_8fXFz1b

Why do you believe this is a false-positive?

This is 100% a false / positive. This is an Adobe sign document sent from our HR department. (Confirmed). It is causing an issue as we are tied in with VirusTotal and KnowBe4 and is causing workflow issues. You are the only vendor flagging this. Please review and correct. This is the second day this has happened. Thanks.

How did you discover this false-positive(s)?

VirusTotal

Where did you find this false-positive if not listed above?

See the VirusTotal link above.

Have you requested a review from other sources?

Yes - VirusTotal directed me to your site direct.

Do you have a screenshot?

Additional Information or Context

N/A

@phishing-database-bot
Member

Verification Required

@showard-cyber, thank you for submitting a false positive report! To help us verify your ownership of the affected domain(s), please complete the following steps:

  1. Set a DNS TXT record for the domain(s) listed in this issue with the following details:

    • Record Name: _phishingdb
    • Record Value: antiphish-b29786b22cecdc61ba670463f6196b4fb39e437e

    Your Verification ID: antiphish-b29786b22cecdc61ba670463f6196b4fb39e437e

  2. Wait for DNS propagation (this may take a few minutes to a few hours).

  3. Reply to this issue once the TXT record has been set.

Important Notes

  • Verification does not guarantee whitelisting. The Phishing.Database team will review your report after verifying ownership, but the decision to whitelist depends on further investigation and analysis.
  • If the record cannot be set or you need alternative methods of verification, please contact us at [email protected] - preferably from the domain's official email address.

How to Check the TXT Record?

You can verify that the TXT record is properly set using:

Thank you for your cooperation! We will address your issue as soon as possible after verification.

The Phishing.Database Project Team.
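
The check requested in the comment above, as an added example that is not part of the original thread or the project's tooling. The record label and token are the ones quoted in the comment; `example.org`, the function names and the sample `dig` output are assumptions made for illustration.

```bash
#!/usr/bin/env bash
# Added example, not the project's tooling. Label and token are the ones quoted
# in the bot's comment; example.org is a placeholder domain.
RECORD_LABEL="_phishingdb"
EXPECTED="antiphish-b29786b22cecdc61ba670463f6196b4fb39e437e"

# Build the fully qualified record name for a domain (a trailing dot is dropped).
record_name() {
    printf '%s.%s\n' "$RECORD_LABEL" "${1%.}"
}

# Read `dig +short TXT` output on stdin and succeed if any record equals $1.
# dig prints one record per line as one or more quoted strings, e.g.
#   "first-part" "second-part"
# which resolvers treat as a single value with the parts concatenated.
txt_matches() {
    expected=$1
    while IFS= read -r line || [ -n "$line" ]; do
        value=$(printf '%s' "$line" | sed -e 's/" "//g' -e 's/^"//' -e 's/"$//')
        if [ "$value" = "$expected" ]; then
            return 0
        fi
    done
    return 1
}

# Live check (assumes dig is installed and a resolver is reachable).
check_domain() {
    dig +short TXT "$(record_name "$1")" | txt_matches "$EXPECTED"
}

# Constructed sample of dig output: an unrelated record, then the token split
# into two strings the way some DNS providers store long values.
SAMPLE_TXT='"some-other-verification=abc123"
"antiphish-b29786b22cecdc61ba67" "0463f6196b4fb39e437e"'

# Usage: check_domain example.org && echo "TXT record verified"
```

Querying an authoritative name server directly (`dig @<nameserver> ...`) avoids waiting on cached negative answers during propagation.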

@showard-cyber
Author

No clue what is being asked here. Please review the links provided that you flagged on for specifics. Thank you.

@spirillen
Contributor

Then you for sure have NO clue on IT security and management, closing.

@github-project-automation github-project-automation bot moved this from 🆕 New to ✅ Done in Phishing Database Backlog Feb 4, 2025
@spirillen spirillen added the wontfix This will not be worked on label Feb 4, 2025
@showard-cyber
Author

showard-cyber commented Feb 4, 2025 via email

@spirillen
Contributor

Lol. Thanks for taking the time to review the false / positive link you flagged on that I provided. You are the only vendor to flag on something that is clearly a false positive - twice. Appreciate your professional response on clearly a weak reporting platform. I’ll make sure to share my experience with VirusTotal and your response.

Please go ahead; I look forward to it. However, if you don't understand what a TXT record in your DNS table is, you should consider having someone else manage the domain and server - someone who is familiar with these fundamental concepts from the basics of administration.

Additionally, if you can't verify your connection to the domain, how can I be sure you're not just a 7 year old fat Russian hacker living in your mom's moldy basement, trying to exploit the domain after finding an easy backdoor into the server?

That's why I quickly decided to step away from this issue; it seems you may not have a genuine interest in the process. If you did, I would have expected you to look online for guidance instead of giving up.

If you're open to it, I encourage you to ask around. I'm usually very patient when it comes to helping others, when teaching and sharing my knowledge.
However, it seems you didn't take the initiative to ask for help, which I find quite disappointing. It's concerning that you have open ports on your router leading to a server that could potentially be misused against online security, especially for those who may not be as informed (Meta sheep).
