This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

My website is flagged as malicious

Hello,

I have a problem with your scanning service, I am a developer from Smart Media International and you marked our site as malicious in virus total, so I want to remove that problem because it is limiting our online services.

The website is: smartmediainternational.com

We have a complete security environment (HTTP/3, SSL SHA256, HSTS, reCaptcha, Page level WAF, Server level WAF + Imunify360 Antivirus, and we are using CloudFlare)

I have been actively updating the core of the website and after seeing this issue I did a full server scan and checked all the website files for SQL injections, modified files or malicious code without getting anything.

So. Why Sophos flag our site as malicious?



This thread was automatically locked due to age.
Parents
  • Hi Jorge,

    Thanks for reaching out to the Sophos Community Forum.

    Looking into our site classification tools, it appears this website was miscategorized until very recently. You can also use the Sophos Intelix tool to get a second opinion on how Sophos' virus engines perceive the website. 

    If you wish for a website to be re-categorized, you can submit a request from our Sample submission page.

    Currently, Sophos Intelix shows the site is "Uncategorized" and "Likely Clean". 

    Kushal Lakhan
    Team Lead, Global Community Support
    Connect with Sophos Support, get alerted, and be informed.
    If a post solves your question, please use the "Verify Answer" button.
    The New Home of Sophos Support Videos!  Visit Sophos Techvids
  • I already did (request a re-categorization), but why should an 'Uncategorized' website be a malicious website? I don't understand, currently some customers don't want our service until that problem is fixed.

    Basically, your security system affects the corporate image of legitimate companies.

    I can't use Sophos Intelix because I'm not a user of Sophos

    Anyway, I would like this problem to be corrected as soon as possible due to the aforementioned.

    Thanks for help

  • Hi Jorge,

    Sophos has not classified your site as malicious. It is uncategorized, meaning we have not even looked at it before, which is why it is uncategorized. Most firewalls (Sophos and others) will allow their customers to block certain categories of websites e.g. gambling, adult, games. They will also have an option of deciding what they want to do with uncategorized websites, by default these would not be blocked, but many companies will choose to block uncategorized sites as the vast majority of websites their users need to use for work will be categorized, while at the same time, new websites that are created for malicious purposes are unlikely to be categorized, so this offers companies an extra level of protection. However, it is the individual companies choice if they want to block uncategorized websites or not, Sophos doesn't control that.

    This should be resolved once the website is categorized appropriately, which I can see the process for that has started and will likely be completed within the next 24 hours. 

Reply
  • Hi Jorge,

    Sophos has not classified your site as malicious. It is uncategorized, meaning we have not even looked at it before, which is why it is uncategorized. Most firewalls (Sophos and others) will allow their customers to block certain categories of websites e.g. gambling, adult, games. They will also have an option of deciding what they want to do with uncategorized websites, by default these would not be blocked, but many companies will choose to block uncategorized sites as the vast majority of websites their users need to use for work will be categorized, while at the same time, new websites that are created for malicious purposes are unlikely to be categorized, so this offers companies an extra level of protection. However, it is the individual companies choice if they want to block uncategorized websites or not, Sophos doesn't control that.

    This should be resolved once the website is categorized appropriately, which I can see the process for that has started and will likely be completed within the next 24 hours. 

Children
No Data