Terms of use

Welcome on Phishing Initiative website (hereafter referred to as the “Site”).
This Site aims at helping fight fraudulent websites misappropriating the identity of a company or administration. It allows its user to submit alleged phishing website’s addresses he identifies, so that they can be sent over to the CERT-LEXSI’s qualified teams for analysis.
The final goal consists, where necessary, in undertaking relevant countermeasures to block confirmed fraudulent websites.

1. SITE’S PUBLISHER

Publisher

LEXSI
Tours Mercuriales Ponant
40, rue Jean Jaures
93170 BAGNOLET
Publishing director: Jérôme Robert

Hosting services

OVH SAS
Headquarters: 2 rue Kellermann – 59100 Roubaix – France.
RCS Roubaix – Tourcoing 424 761 419 00045

2. SECURITY

The use of all processes or methods, be it individually or collectively, with the aim or effect to hindering or attempting to hinder the proper functioning of the Site, for instance, by slowing down its performances, its features or accessibility to other users, penetrating or attempting to penetrate in Information Systems or programs pertaining to the Site, by any means (Denial of Service, penetration, and/or fraudulent maintenance, etc.), may likely result in civil or criminal liability of the concerned user, in particular pursuant to the Articles 323-1 and followings of the French Penal Code.

3. LIABILITY

PHISHING-INITIATIVE and its directors or employees may not be held liable for any damage from a connection to the present Site, except in case of wilful misconduct, duly proved and established by final court ruling.

3.1 Non-Confidentiality of Internet Sent Messages

Because e-mail communications based on the Internet, or upon accessing an Internet website such as this Site are not, by default, secure, PHISHING-INITIATIVE may not be held liable for any, unintended or intended, interception by a third-party of the message(s) or data provided to PHISHING-INITIATIVE by a user of this Site, be they transmitted via the Internet to the Site or to an e-mail address mentioned on the Site and belonging to PHISHING-INITIATIVE.

3.2 Hyperlinks to Third-Party Websites

PHISHING-INITIATIVE may provide links to websites independent from Phishing Initiative’s Site. PHISHING-INITIATIVE does not edit or control these sources, the content of these sites or their embedded links to other sites.

The links to these third-party websites do, in no way, imply that PHISHING-INITIATIVE approves, confirms or agrees with the content of these sites, nor do they imply a partnership between PHISHING-INITIATIVE and the owners and/or authors, designers, organisers, managers, or hosts of such sites. PHISHING-INITIATIVE shall then not be held liable for the content, products, services, use of data (particularly personal data), publicity, cookies, IT codes, or any other elements pertaining to these sites, nor for any damage or loss, caused or alleged to be caused by, or arising in connection with, the use of information, services, or data available on these sites.

3.3 Liability as Regards to the Site’s Content and Services

The Site enables you to access Phishing Initiative’s services; it may provide you with information to do with Phishing Initiative, PHISHING-INITIATIVE and its project partners, their activities, or their services.

These information and services are intended for informational purposes only. PHISHING-INITIATIVE does in no way guarantee the relevance, update or completeness of the information conveyed and/or available services and shall in no way be held liable for this information, suggestions, content or services, nor for the decisions made based on, or influenced by, such content or services. Likewise, PHISHING-INITIATIVE’s answers to the questions it is being asked online by a user, are only intended for informational purposes, and do not constitute pieces of advice. Therefore, PHISHING-INITIATIVE cannot be held responsible for any of these answers.

3.4 Warrantees

PHISHING-INITIATIVE does not guarantee that the Site, the Site’s access servers and/or the third-party websites accessible through herein provided hyperlinks, are exempt from viruses or other components likely to cause damage to goods or individuals.

PHISHING-INITIATIVE disclaims all warranties, whether express or implied, as regards to the use or resulting use of the elements available through the Site. PHISHING-INITIATIVE shall in no way be held liable for any loss of data or any damage incurred in relation to the data dealt with by the user in the Site, or the services, or IT means proposed by the Site. Any information or advice provided by Phishing Initiative shall not be considered a guarantee of any kind likely to incur the liability of PHISHING-INITIATIVE.

4. OPERATING PRINCIPLES

4.1 User’s Commitment

The user commits not to purposely submit URLs pointing to content that would be irrelevant to this site’s goal:

  • promotional or information website belonging to a legitimate organisation,
  • revisionist website, (child) pornography, e-gaming, etc.

All pointedly abusive use of the tool might cause restrictions or ban of the users identified by the Site’s administrator.

In order for his submissions to be accepted, the user needs to provide the suspicious URL and a valid e-mail address, and then enter the CAPTCHA displayed below the submission field.

The authorised URL format consists in the following elements:
protocol://(sub-domains.)domain.extension/tree/name.contenttype
Example: http://malicious website.ext/directory/phishingpage.html

The user may provide any valid e-mail address, such as: something@domain.extension
Example: lastname.firstname@domain.ext

Also, a simplified processing system (automatic submissions and validations, for instance) might be set up for specific individuals or organisations.

4.2 Phishing-Initiative’s Actions

Systematically applied countermeasures whenever a URL address is identified by our teams as a phishing URL consist in sending the incriminated URL to partners, so that this address can be blocked in the following browsers:

  • Internet Explorer v8+ ;
  • Safari v2+ ;
  • Chrome v1+ ;
  • Firefox v3+.

Depending on the specific case or phishing victim, the report may be sent to:

  • service providers in charge of the fraudulent Web pages (host, DNS operator, etc.) as to the presence of this content on their servers;
  • the targeted public or private organisation, the name of which/whom has been misappropriated;
  • local or international law enforcement forces;
  • public or private CERTs/CSIRTs teams, referenced or not in trusted networks such as the TF-CSIRT or FIRST.

The user understands and unconditionally accepts these General Terms of Use.
Phishing Initiative reserves the right to modify these General Terms of Use at any time, without notice.

CONTACT

You may send all questions, suggestions, or even report an identified problem, exclusively regarding the content of our website.

Send questions