Do I have to be an enterprise customer to block the phishing sites?

Hello,

I have several customers such domain holders. Like www.abc.com
Phishing sites generate in certain periods and occur in google or yahoo search ads. and I want to block their URL and place a Cloudflare security warning page for visitors.

I am a newbie so things are a bit hard to understand how things work. I signed up for a Cloudflare account. The sales person told me that up to 50 users its for free.

Does this user mean 50 different domain name? Or the users under the site like [email protected]?

On the free plan I can only contact the thru community. To get phone support and to block the sites should I be an enterprise customer?

The only way to get Cloudflare to report via the abuse form https://abuse.cloudflare.com

2 Likes

So I think there’s a bit of confusion here.

First, I assume you signed up for Cloudflare Zero Trust (50 users). That means you can block phishing sites for up to 50 users on your side (you need to install the client application), the sites aren’t actually taken down or blocked for anyone else.

You can’t control their site: there’s no service where you can pay and have “warning pages placed for visitors”.

As posted above, you’ll need to fill out the form here if you want to report a site, and the Trust and Safety team will decide whether it’s a valid report and what action to take, if any at all.

2 Likes

Thank you both for the replies.

I want to write here clearly so any other visitor can get an idea, since i searched a lot on community to find an answer.

Here is what i been through.
When i firstly discuss my aim ( to stop and block the phishing sites which appear on search engines and seen on the ad part. Which are imitating and acting as the original website and requesting the visitors login info’s to hack their account) with the sales person she told me i am able to block the sites for upto 50 user in free plan and Cloudflare gateway is for me to use.

I thought that the term “user” mean the domain names i want to block myself. Which sounded weird at first coz it would allow any blockage without approval from any authority, which would be an insecure attempt.

I created a Cloudflare account started to setup the gateway. After I find myself searching how to add the domains and how to block the http’s. I have read the gateway articles, watched the certain videos and figured that Cloudflare works as a firewall solution and is placed between your domain and the internet and you are able to block the sites which you want to close for access that works under that gateway for specific users whom wants to visit but has no affect for the rest of the world. :slight_smile: I said to myself even though it doesn’t help my problem, that sounds much more correct.

I made a long chat conversation again with the sales department yesterday and again asked my issue to get a confirmation and finally i have get the issue right.

On the free plan the only way is to report by using the abuse report form.

On pro plan you are allowed to send an email to a solution engineer.

On the business plan a chat option is available and
on the enterprise plan a hotline is active for your use.

In our case,
Some phishing sites which appears on search engines results is acting as a cold crypto account which is the business of the orginal website owner and we need to block the similar insecure sites to avoid their customer to click by accidentally and share their login info. In our case it requires immediate action so I need to check out which plan suits us best.

Thanks once more.

Are you still referring to reporting phishing sites using Cloudflare here? If so then you cannot use live chat or the phone hotline for this. You also do not have access to a solutions engineer except on Enterprise and they still probably won’t be able to help with abuse issues.

Ohh really :thinking:

Then the only way to report the phishing sites are using the report form?

Correct, that goes to Trust & Safety, which is the only team that can action them.

Well the reported issue takes sometimes 24 hrs to block it.

The phishing sites use Cloudflare to hide their IPs thats why i want to solve it with the trust and safety team in short period of time.

me and my director thought at first if we become a business customer we could handle the problem by using the chat option.

Since the sales person told me that Cloudflare issue the requests acc. to the customer level of plan. I mean enterprise plan customer has higher priority.

But if the only way is reporting by the abuse form the chat option won’t work as we imagine.

For support related to your website, yes. As far as I know, if you go through your account support channels you will just be directed to the abuse form or your request will be placed in the same queue anyway.

Okay thx for the reply.

I will make one more conversation with the sales and let’s see what they will grant for.

I have contacted the sales once more and they confirmed that even if I become an enterprise customer, the only way to solve abuse-related issues only by using the abuse report form at: https://abuse.cloudflare.com/

Respond by sales:
The support team - the one you have access to when becoming an enterprise customer - is trained to help solve issues with your website or network.

The abuse department is completely different and separated.

That looks I have ended my search here. Thanks to you all.