none
Smartscreen Filter warning on my web sites RRS feed

  • Question

  • When I visit several of my web sites in IE10 (Windows 8) I get a yellow warning "shield" to the right of the address bar and when I hover over this it says "Are you trying to visit this web site?". If I click on this shield it gives me options to "Report this website as safe" or "Report this website as unsafe".

    I have these websites registered in Bing Webmaster, and clicking on Security/Malware it tells me "Bing did not find any harmful elements on your site.

    I need to find out why IE is telling the world that there's something wrong with my sites when Bing Webmaster tells me there's nothing wrong with them.

    at https://feedback.smartscreen.microsoft.com/smartscreenfaq.aspx I read the following ...

    Q. If I am a website owner, how do I correct a warning on my legitimate site?
    A. You can immediately submit a request for a correction. SmartScreen Filter has a built-in, web-based feedback system in place to help customers and website owners report any potential false warnings as quickly as possible. In Windows Internet Explorer, from a red warning, click More information then Report that this site contains no threats. This will take you to a feedback page where you can indicate you are a site owner or representative. Follow the instructions and provide the information on this site to submit a site for review. 
    To report feedback from the Internet Explorer Download Manager, Right-click on the blocked download and choose Report that this file is safe. This will take you to the feedback page. 
    Once a dispute is submitted, a team of graders inspects the site in question. All disputes should be submitted through the website reporting process to ensure the quickest resolution.

    The problems are: (1) my warning is yellow, not red (2) there is no "More information" link/button (3) Therefore I can't "report that this site contains no threats.

    an example site is http://countrynet.com.au/

    Furthermore, if I respond to the "Report this website as safe" process more than once I get this message " ...Error 
    This web address (URL) has already been submitted in this browser session. If you are owner or representative of this website and are trying to access the site owner form, please close your browser, and then resubmit the form in a different browser session."

    So this message refers to the "site owner form" which I am unable to find.

    • Edited by RB2251 Monday, February 8, 2016 1:29 AM more info
    Monday, February 8, 2016 12:56 AM

All replies

  • Hi RB,

    try navigating to http://countrynet.net.au/wp-content/uploads/favicon.png

    that address is redirected to your site root folder and the site loads without any Phishing warning...

    I think you can fix the false positive by correcting your favicon link in your head section.

    I think the Phishing filter is detecting the redirect when the browser looks for the favicon.png.... normally MSIE browsers will fall back to the root folder if the specified favicon link is not found... there should be no need to have a redirect on you wp-content/uploads folder

    see https://en.wikipedia.org/wiki/Favicon

    for instructions about giving your site a site icon that all web browsers will find.... for backwards compatibility  you should use a gif image renamed with an .ico extension and make sure that your web server serves .ico files as image/x-icon mime type.

    <link href="http://countrynet.net.au/wp-content/uploads/CNET_Favicon_NEW.png"
    rel="shortcut icon" type="image/x-icon"/>

    works in modern browsers without a redirect.

    mmmm.... I see that you have JUST made the change yourself? (12:43 pm AEST).... did you use the dev tool to find the redirect?

    To avoid confusion please include links to any website you are having problems with your questions. That way you will get a qualified answer without a COD violation.... honestly how can someone answer your site specific problem if you don't tell us your web site address?

    ref: http://answers.microsoft.com/en-us/ie/forum/ie10-windows_8/how-to-report-a-website-which-is-blocked-by-smart/2a9fa3a7-f4e9-4ba4-8711-693e353bcb7f

    Regards.


    Rob^_^

    Monday, February 8, 2016 1:51 AM
  • Thanks Rob. I do appreciate your quick reply that gives me a small glimmer of hope on this issue, and I'll look into the favicon thing now.

    On your other points ...

    No I didn't change anything at that time.

    I did put the URL of one of the web sites getting the problem in my original post.

    Your "ref:" is not much use to me. It's just a very similar case to mine .. advice from Microsoft to click links that don't exist. It's infuriating that MS should effectively slander my site .. only to users of their own browser .. then provide absolutely no way even to request a fix to the situation, but providing bogus red-herring dead-end instructions. It would be nice if their own bing-webmaster tool would point out any issue with favicon or anything else that's likely to trigger a false positive in smartsearch.

    Monday, February 8, 2016 4:34 AM
  • oh - now I'm confused.

    http://countrynet.com.au - here I've changed the link for favicon.ico to go straight to the root folder, also tried with no favicon link at all, and I still get the yellow shield warning

    http://countrynet.net.au - (note: .net.au) still has its original reference to favicon in the uploads folder but does NOT get the yellow shield!!


    • Edited by RB2251 Monday, February 8, 2016 5:43 AM fix typo
    Monday, February 8, 2016 5:43 AM
  • Hi RB,

    on the Network tab of dev tools you will find a button to "Always refresh from server..... after changing your favicon link.... you will need to open dev tools at the networking tab and then refresh the page (without closing the networking tab of dev tools).

    I tried again this morning.... no problems, no SSF warnings.

    however, back navigation is very slow and is hawked by main.min.js which is avada WP theme, which has a no cache directive.

    http://countrynet.net.au/wp-content/themes/Avada/assets/js/main.min.js?ver=3.8.7

    My reference to the answers post was a miss-informed assumption that your post was the same as the referenced answers post that did not contain an example link.

    If after clearing your cache with dev tools, the problem persists I would suggest that you contact MS Australia (support.microsoft.com)


    Rob^_^

    Tuesday, February 9, 2016 12:21 AM
  • For the benefit of other lost souls having this problem, I finally got to log a support call with Microsoft. The first person I spoke to said he couldn't help because my PC is running Windows 8 (not 8.1) and this version is no longer supported. I said the problem isn't what *I'm* seeing, but what our customers (and potential customers) are seeing.
    Anyhoo, I said I would check the next day in the office using PCs with later versions of Windows. Sure enough Windows 8.1 and Windows 10, with both IE 10 and IE 11 showed the same warning sign on 5 of my company's 12 web sites. I gave him remote access to one of these machines and he escalated it to the IE team.

    I then received a call from the IE team. I could barely understand the almost-english this person was speaking and had to resort to chat for most things which was good because it gave me a record (excerpt below fyi). This person tried to tell me that the solution to the problem was to (a) report the site as safe by clicking "Yes" on the warning, then (b) turning off smartscreen filter, and possibly (c) using "edge" which apparently did not display the warning.
    Again I tried to explain that my concern was not what I was seeing but what the world was seeing. It didn't work so I resorted to "I want to speak to your manager" which surprisingly worked!
    The manager was a real human being who straight away understood the problem, acknowledged that it was at their end, not mine, and escalated it to the SmartScreen team.

    The next day all but one of the 5 sites affected OK (no warning displayed) and hopefully the last one will be fixed soon.

    I had an update which had a nice but inane "response" from the SmartScreen team, to which I replied. I hope they actually read it!..

    Included below:
    1. transcript of support chat (some phone talk was interspersed so it's not really a complete record
    2. response from SmartScreen team
    3. my response


    1. -------------------------------------------------------

    3:31 PM Connecting...
    3:31 PM Connected. A support representative will be with you shortly.
    3:31 PM Support session established with Support technician.

    3:32 PM Support technician: Hi Rod 

    3:32 PM You have granted Support technician permission to control your desktop. To revoke, click the red X on the toolbar or press Pause/Break on the keyboard.
    3:32 PM Remote Control started by Support technician.

    3:35 PM Support technician: you opened the smart filter ?
    3:35 PM Support technician: i mean that you want enablr the smart screen filter , right ?
    3:41 PM Support technician: when we turn off the smart screen filter, this safe tips will disapear 
    3:42 PM Support technician: SmartScreen Filter is a feature in Internet Explorer that helps detect phishing websites. 
    3:43 PM Support technician: the smart screen filter think this site is phishing site
    3:43 PM Rod: why?
    3:47 PM Support technician: this site not tell it will take how long time
    3:49 PM Support technician: i think it not effect immediately
    4:11 PM Support technician: i did some test on my computer, the IE 11 can report the safe website
    4:12 PM Support technician: but the edge browser can't report it , it doesn't work 
    4:12 PM Support technician: you can open your IE11 to test it 
    4:14 PM Rod: Amy - I don't think you understand the problem. It's not about me or my computer or the computers in my company. It's not about whether I want to use smartscreen filter or not.
    4:15 PM Rod: The problem is what our CUSTOMERS see. I have no control over what version of Windows or IE they use. I have no control over whether they use smartscreen filter or nor. But I know that most of the people who come to our web sites using IE *will* have smartscreen filter on. So they will see this warning about our web sites.
    4:16 PM Support technician: thanks for your clarification 
    4:16 PM Rod: The instructions provided by IE DO NOT allow me as the web site owner to report this as a false positive. I NEED TO KNOW HOW TO STOP SMARTSCREEN FILTER FROM SAYING THAT MY WEB SITES ARE HARMFUL.
    4:17 PM Support technician: from my tests,  the edge broswer not worked when we report safe site. i need some time make a reseache about if the edge browser have known issue 
    4:18 PM Support technician: you mean you want report this issue on one side
    4:18 PM Support technician: ?
    4:19 PM Support technician: it seems need report this safe site on customer client browser .
    4:19 PM Rod: Unfortunately you don't understand the problem and nothing I say is changing that. I have tried to explain it clearly but you don't understand the problem.
    4:19 PM Rod: I need to talk to another person about this. Can I please speak to your supervisor?
    4:20 PM Support technician: i'm sorry for that, i will contact my colleage to talk this issue with you. 
    4:20 PM Rod: thank you - do you want me to wait on the phone
    4:20 PM Rod: ?
    4:20 PM Support technician: yes, let us close this call. 
    4:21 PM Support technician: my colleague will call you 
    4:21 PM Rod: ok - thank you


    2. -------------------------------------------------------

    Hello,

    The SmartScreen prompts you’ve experienced are requests for feedback from end users. This feedback is helpful in fine-tuning SmartScreen’s detection of phishing websites. Users are not prevented from accessing the site or ignoring the request.

    When navigating to a site, users are asked to confirm that the website is the same one they intended to visit. If it is, they can report the website as Safe; if it is not, they can report the website as Unsafe. SmartScreen graders will review reports of unsafe websites, to ensure that users are warned of potentially malicious content. 

    After their first interaction, users should not see the request again. 

    We hope this information has been helpful.

    Thanks,
    SmartScreen Support

    3. -------------------------------------------------------

    Thanks for your information about SmartScreen. I would like to explain the effect this has had on me as a website owner, and hopefully prompt some improvements to be made in this system & process.

    * The SmartScreen prompts you’ve experienced are requests for feedback from end users. This feedback is helpful in fine-tuning SmartScreen’s detection of phishing websites. Users are not prevented from accessing the site or ignoring the request.

    If the end-user is my potential customer, what they effectively see is a warning from Microsoft that my web site is potentially “unsafe”. This word “unsafe” appears three times on the warning pop-up (IE 10).
    In my view this is likely to turn people off viewing the site further. Sure the message doesn’t prevent them from viewing the site, but SmartScreen has effectively slandered my site when my potential client views it. Many of these people will be psychologically  prevented from viewing further due to the normal (and right) paranoia about virus etc.

    * When navigating to a site, users are asked to confirm that the website is the same one they intended to visit. If it is, they can report the website as Safe; if it is not, they can report the website as Unsafe.

    Yes, but why would they bother doing this? There is little motivation to do this, except for me as the site owner. Especially as they have to enter a near illegible captcha to do so. My guess is that most viewers of a “safe” (false positive) site warning would not bother to click “Yes” and if they did, would not bother to try to enter the captcha to complete it. Most would just close the page. My competitors on the other hand might relish clicking “No” and building a case against me.

    * After their first interaction, users should not see the request again. 

    This may be the intention but it certainly doesn’t work that way for me. After going through the Yes process, the warning is still visible. It remains visible even if I refresh the page, or close IE, reopen and return to the site. I hope you will check this for yourself. I do a lot of software testing so I know it’s easy to have a belief about how something works without having actually gone through the process.

    Furthermore if I click Yes and go through the process a second time, I get this message (my highlighting):
    Error
    This web address (URL) has already been submitted in this browser session. If you are owner or representative of this website and are trying to access the site owner form, please close your browser, and then resubmit the form in a different browser session. 
    Well, yes! I am the owner of the website. So where is this “site owner form” you speak of? Nowhere! If I follow the instruction (close your browser, and then resubmit the form in a different browser session) it just takes me back to the start again. I’m reminded of one of my favourite movies: Groundhog Day

    Then there’s the SmartScreen Filter FAQ link on that page that has this (my highlighting):

    Q. If I am a website owner, how do I correct a warning on my legitimate site?
    A. You can immediately submit a request for a correction. SmartScreen Filter has a built-in, web-based feedback system in place to help customers and website owners report any potential false warnings as quickly as possible. In Windows Internet Explorer, from a red warning, click More information then Report that this site contains no threats. This will take you to a feedback page where you can indicate you are a site owner or representative. Follow the instructions and provide the information on this site to submit a site for review. 
    To report feedback from the Internet Explorer Download Manager, Right-click on the blocked download and choose Report that this file is safe. This will take you to the feedback page. 
    Once a dispute is submitted, a team of graders inspects the site in question. All disputes should be submitted through the website reporting process to ensure the quickest resolution.

    Again, Yes! I am the web site owner! And I DO want to “correct a warning on my legitimate site”!
    BUT the instructions, specifically the sentence I’ve highlighted, do not work! The message is Yellow, not Red. And there is no “More information link”, so I cannot report that my site contains no threats.

    I hope this all helps you see the bigger picture, which I will summarise here:
    For some reason still unknown to me, an without notifying me, SmartScreen filter started putting warnings on 5 of my web sites
    As the website owner there is NOTHING I can do to find out why this has happened or to fix it or request it be fixed
    The of links and info provided about this warning point me to two different actions to try to resolve the situation, both of which are impossible to do.
    Meanwhile the world sees my web sites a potentially “unsafe”
    I have my sites registered in Bing Webmaster and when I click on “Security” there is says “Bing did not find any harmful elements on your site”
    My only recourse (excluding legal action) is to raise a support call with Microsoft …
    o For which I may have to pay up front (fortunately I didn’t because I am a Microsoft Partner) and may only get a refund if it’s acknowledged to be a Microsoft problem
    o Where at first I am asked what computer environment I’m running, which at the time is Windows 8 Pro, IE 10 – then I’m told that there is no longer any support for Windows 8 so there is no help available for the problem
    o Only when I demonstrate the problem on Win 8.1 & Win 10 is the problem “escalated”
    o When escalated I am told that I should use the “Yes” process to report the site as safe – as if this is a solution to the problem – like close your eyes and the bear will disappear! – , and then I’m told to turn SmartScreen off (ditto), or to use “Edge” where, apparently, the warning doesn’t appear. No amount of explaining from me gets it through to this person that I don’t care what *I* see, it’s what my customers and everyone else sees that’s the problem
    o Finally when I ask for this to be escalated to a supervisor someone actually understands the problem (thank you Juntao!)

    I deal with a lot of frustrating situations in my work (web systems development). We use a lot of excellent software from Microsoft. But this is one of the most infuriating experiences I’ve had for a long time.

    Thursday, February 11, 2016 4:04 AM
  • yo mama .. not a very helpful contribution
    Thursday, February 11, 2016 4:09 AM
  • Thank you for expressing so exactly my frustrations! My site was flagged yellow a few days ago, and I'm sure it's alarming my customers. After many months with no flag, I'm wondering if the flag was triggered when I registered my site with Bing a few days back. That would be some sweet irony...
    Thursday, February 11, 2016 1:45 PM
  • you're welcome! and thank you .. now that you mention it, registering my sites on Bing webmaster might have been the trigger for me too. It's bit hazy now but I'm not sure if I registered on Bing then saw the error, or saw the error and registered on Bing to try fixing it. After your post, I suspect it was Bing first.
    • Edited by RB2251 Thursday, February 11, 2016 10:34 PM
    Thursday, February 11, 2016 8:51 PM
  • Update: I got referred to stackoverflow, was about to post a question there when I noticed that the SmartScreen alert on my site was gone. Gone for good, I hope!
    Friday, February 12, 2016 11:24 PM
  • I appreciate your frustration.  My problem is from the perspective of the customer.  I recently started seeing the alert on eBay.  I can get to the listing but there will be a big red block over much of the information.  I can't very well report it as safe since I don't know if it's safe.  I mean, I believe eBay is safe but what about the info in the individual listing?  I'm not computer savvy enough to know if that is an elemental concern or not.  I know I can disable SmartScreen but I don't particularly want to bite off my nose to spite my face.  Any suggestions?
    Saturday, October 1, 2016 3:10 AM
  • I am the owner of shoperies.com.

    My customers report that IE/edge is reporting my website as harmful with a red block. I have to go to smartfilter everytime to get rid of this issue by reporting to them.

    My website doesnot have any external links. Runs fully on https and is PCI complaint from multiple authorities.

    This is very annoying to my team and this issue happens only while using ie or edge and not with any other browsers. This gives a very bad image for my website. Please don't tell me that when users click on some icon it is redirecting to a different page. The website doe not redirect away into another domain. A permenant resolution to this problem will be appreciated. Thanks


    vallur

    Thursday, March 2, 2017 6:20 PM
  • Hi vallur,

    I visited your website https://www.shoperies.com/ and did not get any Smart Screen warnings... could you post a screen shot of the error message you or your customers are receiving?

    No, you website does use external links.

    You could try removing this link

    https://sealserver.trustwave.com/seal_image.php?customerId=bf5480b7102a4fbeb72bf994a67ff82e&size=105x54&style=

    When I click that link the page freezes... do you still have the correct details with trustwave?

    Novice users may also be confused by "Certificate address mismatch" warnings that can occur if reconnecting on a public access network. see Internet OPtions>Advanced tab, "Warn about certificate name mismatch".

    or

    Incorrectly, users have placed your web site domain in their Trusted Sites list, think that they need to do that for https sites.

    Regards.


    Rob^_^

    Questions regarding Internet Explorer 8, 9 and 10 and Internet Explorer 11 for the IT Pro Audience. Topics covered are: Installation, Deployment, Configuration, Security, Group Policy, Management questions. If you are a consumer looking for answers or to raise a question, it's highly recommended you head on over to http://answers.microsoft.com/en-us

    Friday, March 3, 2017 2:29 AM