Crickets from Trust & Security after false phishing report for our nonprofit

Application Security SSL / TLS
1

What is the name of the domain?

https://www.wta.org/

What is the error number?

Phishing

What is the error message?

This website has been reported for potential phishing

What is the issue you’re encountering

Our non-profit website was falsely reported for phishing and our domain has been blocked since 27-May.

What steps have you taken to resolve the issue?

We deleted old DNS entries in case they pointed to suspicious IPs, requested a review through the portal, upgraded to a business plan to open a support ticket, and have received no responses to our review or the support ticket. It has been 10 days with zero information or feedback or any way to escalate.

We are simply looking for a way to get this escalated. Our nonprofit is in its peak season and we’ve been longtime members of the Washington hiking community. We serve over 5M visitors a year, helping them find trails to hike across Washington.
I attached a copy of the report on our dashboard (Abuse Report 101d7de3937ab3c6)
Our support ticket is: https://www.support.cloudflare.com/s/case/500Nv00000NwWC1/false-phishing-report Uploading: Screenshot 2025-06-05 120620.png…

Was the site working with SSL prior to adding it to Cloudflare?

Yes

What is the current SSL/TLS setting?

Full

Screenshot of the error

Screenshot 2025-06-05 120620.png
Screenshot 2025-06-05 120620.png690×135 5.54 KB

2 Likes
2

So frustrating!

1 Like
3

Customers on every plan type can open account, billing, and registrar tickets. Only the Trust & Safety team can address your issue. I see the phishing warning on the dash with the active account but no indication of that on the site.

The loads ok for me with no phishing warning. Can clear cache and/or try incognito mode? If you get a phishing warning can you attach a screenshot in your reply?

1 Like
4

The response headers suggest that the domain A record has been set to “DNS Only” to bypass Cloudflare and keep the site running.

1 Like
5

What @jesse23 noted is correct – we’re getting no response from Trust & Security and so are bypassing the service entirely. We’ve gotten no response on the ticket we filed or from the review we requested in our Cloudflare dashboard. We’re looking for help escalating to we can resume using the service and security we’re paying for.

6

@cloonan - do you have any suggestions or recommendations? We’re 13+ days into this and had no warning before being blocked for this false phishing report. For a scrappy nonprofit, this is a really tough situation, especially in our peak season where we’re just trying to help folks get out on hiking trails (for free).

7

It’s sad that this keeps happening and seems to be happening more and more…

Unfortunately the community can’t help and this can really only be solved by the Trust & Safety Team.

But Cloudflare should at least start being stricter with reports of phishing and malware. This is literally starting to be abused by bad people to take down legitimate sites without proof.

Of course, it’s easier said than done and solving it can be tricky, but even so, I think Cloudflare should start paying a bit more attention to this growing number of false reports and start trying to implement measures to stop it or at least try to alleviate the situation.

1 Like
8

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.