Welcome aboard Pete, **who** told you this?

For me To recify this I was told to update to either IE6 latest toolbar or IE7 which have a phishing facility to allow anyone to report the website to microsoft.

I don't see how installing something in your browser can modify something on your site, or how that would affect any visitors to your site, who may or may not even be using I.E.

Since you're not allowed to paste emails here (or URL's, see TOS) please generalize who told you this and how you were informed. It sounds like maybe this is a scam in itself, unless you're sending out emails spoofing as someone else in the interest of gathering passwords, I'd be interested to know how your site is being classified as a phishing site.

Hi Rocknbil,

I appreciate your reply.

I was initially told that my site had a phishing problem
by a mentor of mine who has helped me with my website project.. I had never heard of phishing before.
I have set up a website that sells a product, but I myself dont class it as a scam.. I surpose it depends what one calls a scam..we all have opinions..Does one call selling a set of dvds a scam? These are a genuine product in my opinion of value that offers tuition in a subject.

I found out some information about phishing on a google search on phishing on wikipedias site . it does mention IE7, but I cannot recall exactly how I found out that IE6 also had a new toolbar with a phishing filter, but somehow i found out.. prpbably my mentor told me.. Although hes a mentor hes not an exert in everything but he was at least aware of it and I assume he had ie 7 and the phishing filter he had regestered it.. he also claims hes rarely seen it on other sites before, so it concerns me it shows on my new site.. I dont know if its due to the paypal button links that i have on the site..

anyway when i downloaded and set up IE6s new toolbar and look at the phishing button called PC health, it has some information about phishing.. BUT IT seems mainly to refer to IE7s version, although it does mention the toolbar version..

I did send some further details in my 1st message but unfortunately much of it has been delated by the moderator.

Ive included one of the questions that refers to my query, but as i mentioned unfortunately it doesnt fully apply to the IE6 version.

As I understand it anyone who has IE7 or 6s new toolbar will have the phishing facilty and if they visit my site it will warn them my site is a phishing site.. I wanted to tell Microsoft that it isnt and to have them check it out and rectify that it isnt as, at the moment as I understand it they suspect that it is.. IF I am able as the webmaster to tell them, I am hoping that they can investigate it and stop any future phishing problems with it.

below is one of the FAQ from my Phishing facilty.

I hope that I am allowed to show this and that it can expain a few things.
As you say unfortunately one isnt allowed to post links urls etc..which would had made it easier to show.

many thanks again

cheers Pete

Q. If I am a Web site owner, how do I correct a warning or a block on my legitimate site?
A. You can immediately submit a request for a correction. Microsoft Phishing Filter has a built-in, Web-based feedback system in place to help customers and Web site owners report any potential false warnings or blocks as quickly as possible. In Windows Internet Explorer 7 or Windows Live Toolbar, from a yellow warning, click Report this site as safe or from a red warning, click Report that this is not a phishing website. This will take you to a feedback page where you can indicate you are a site owner or representative. Follow the instructions and provide the information on this site to submit a site for review.
Once a dispute is submitted, a team of graders inspects the site in question. All disputes should be submitted through the Web site reporting process to ensure the quickest resolution.

It would probably be fastest to find a computer with IE7 on it and follow their instructions.

Jim

Are you sure your site hasn't been hacked and phishing pages added without your knowledge? I've heard of this happening many times before. Login to your site with FTP and see if there's anything in there you don't recognize.

Hi JDM and MatthewHSE.

It probably would be best to try the IE7 version and I will do that if I dont get any other suggestions this nest day or so.

As for anyone targeting my site.. NO I certainly have not heard of this happening before and I dont really know what to do.. I find that really quiet disturbing though if it can happen and it puts me off trying to set up a web business as the fraudsters out there seem too clever to fight off unless one is very knowledgble about security..I have only tried using fTP once before so ive little experience with it but I will see if i can find someone who may be able to help me do as you say.

I have several files within my hosting folders on my website and have allowed two webdesigners into it before. I am able view the files by entering my site, but it may be difficult to find any possible phishing files.
I have placed some files in there for future projects that I played around with.

I thought that maybe the problem was with my paypal buttons or popup that I use.. I dont think it will be easy for me to tell which files may be phishing as the webdesigners have added some files in folders that I am already unfamiliar with..

Again I appreciate your feedback.

best regards Pete

While I am mentioning security, does anyone ever get messages come up when they visit certain websites.

I never used to get them.. BUT Now for some reason I OFTEN get them.. I dont think its anything to do with phishing, but its a pain as I am having to click on yes to get onto the sites I am visiting.

Does anyone Know what If anything I can do to avoid them appearing..

where ive wrote tick and! ...This is The message I get below.. I get a white tick in a green circle and an exclamation mark in a yellow triangle..

thks Pete

Security Alert.

Information you exchange cannot be veiwed by others.

however there is a problem with the sites security.

tick.. The security is from a trusted source

Explanation mark! ..the security certificate has expired or is not yet valid.

tick ...the security certificate has a valid name matching the name of the page you are trying to view.

Do you want to proceed .... YES OR NO View certificate

The message you are getting has nothing to do with phishing. Phishing is trying to trick users into giving you their user IDs and passwords for other sites.

It looks like you are using an invalid, expired, or "demo" SSL certificate. Did you purchase an SSL certificate for your site? I assume the shopping-cart and/or checkout section of your site is using SSL.

Hosting plans don't normally come with a usable SSL certificate. Some come with a "dummy" SSL certificate as a courtesy. This will allow you to test out your site, and make sure that SSL is working, but you still need to purchase and install your own SSL certificate.

The "dummy" certificate is typically either not signed by a recognized certificate authority, self-signed, expired, or belongs to your ISP and not to your particular site. All of these will trigger various warning messages, depending on the browser being used.

Hi jtara,

Thank you for your comments.

I will be honest and say I had no idea that one needed to
buy such a certificate.. I dont know if one is included when one buys a new PC or if one is obtained if they have a website or hosting facility only... In this case i thought that it would have been included in the host fee.

I assume that this only applies to those with websites and hosting and will let visitors know they are visiting a trusted site..

I found this from a website which sells ssl certificates.

it seems there are various ones from just security for secure transmission.known as essential ssl

another for assurance and compliance known as instant ssl

and Trust known as EV ssl for IE7 and this is the most expensive 10 x more.. £500 in the UK

I assume that If I obtain the basic essential ssl for security that this will be ok.

but 1st I will try and check with my host company.

cheers again.

Pete

Secure Sockets Layer (SSL) is a global standard security technology developed by Netscape in 1994. SSL creates an encrypted link between a web server and a web browser to ensure that all data transmitted remains private and secure. Millions of consumers recognize the "golden padlock" which appears in their browser to indicate they are viewing a secure web page.

Why do I need SSL?
Gain competitive advantage by appearing more trusted and more legitimate
Provide assurance to your customers that their data cannot be tampered with or forged
Ensure that your customer's sensitive data is transmitted securely

Hi Jtara,

Ref to your Pre reply............

I did check my Web host and It does seem that it doesnt include a SSL certificate.. I would have to buy one seperately although they do make a reasonable offer through them..

I just had a look at windows IE7 download page and there is a link that takes you on a Short tour.. Theres part to do with security and surprisingly it does mention both phishing and SSL and I do get the impression they are connected....

below your message in brackets is what it says...

Im Not sure for certain though IF the phishing facility is much different than it is on IE6 toolbar update although from what I read in the info on IE6 toolbar I surpose I would have to assume that it does have other options including one for website owners to report there own site
to microsoft and request them to check it out and make it a safe site..ie NON phishing..

Pete

(The message you are getting has nothing to do with phishing. Phishing is trying to trick users into giving you their user IDs and passwords for other sites.
It looks like you are using an invalid, expired, or "demo" SSL certificate. Did you purchase an SSL certificate for your site? I assume the shopping-cart and/or checkout section of your site is using SSL. )

Security
Internet Explorer 7 helps keep your information safe by alerting you to potential phishing sites — sites that look legitimate but actually are designed to capture your personal information. It's also easier to see which sites provide secure data exchange, so you can shop and bank online with confidence.

Security badges indicate whether the site you are currently visiting is suspicious or a site known for phishing (capturing your personal or financial information).

Security
At a glance you'll see whether the site you're visiting has a valid secure sockets layer ( SSL) certificate or if there are irregularities in the certificate information. Phishing Filter™ warns you of suspicious sites that might attempt to collect your personal information.

Known Phishing Site

Suspected Site

Peace of Mind
And while you browse the web, Internet Explorer 7 automatically monitors your computer to protect you from unwanted and malicious programs that can be installed on your system as a result of surfing the web.