Phishing attack


Does anybody know what to do when you found that somebody uses CloudFlare for Phishing attacks on your resources?

We found 2 clones of our (online since 2013) parked or hosted in CloudFlare:

1st Phishing site regberri[dot]ru
Name Server: CAROL[dot]NS[dot]CLOUDFLARE[dot]COM
Name Server: GEORGE[dot]NS[dot]CLOUDFLARE[dot]COM

2nd Phishing site b-kontur[dot]site
Name Server: CAROL[dot]NS[dot]CLOUDFLARE[dot]COM
Name Server: GEORGE[dot]NS[dot]CLOUDFLARE[dot]COM

I made a request to CloudFlare via Form “Under Attack?” but nobody replied.

This is aspecially strange because from one hand CloudFlare declairs, that on of its goal is to provide Internet Security, but on another hand we see it helps hackers to attack some Internet Resources with CloudFlare help.

What should I do?

Kind Regards,

You need to submit the form at The community cannot do anything here.

Thanks. I used twice yesterday but nobody replied. Still looking for help.

This will take time, you just need to wait until they decided what to do. Again, the community cannot do anything.

Hope you are right

Up. I closed 1st Phishing site regberri [dot] ru through our local hoster, but b-kontur [dot] site is still on CloudFlare and still alive.

Unfortunatelly CloudFlare hasnt answer to my 2 reports. They just ignored them.

CloudFlare! Please dont be evil.

They won’t ignore them, but - as I already mentioned - that can take some time. They might just forward it to the host. Again, the community cannot do anything. Either the host takes action or not.

They seem to be behind on support requests at the moment. In the meantime, their MX and TXT records indicate that they’re using for email; you could try contacting them.

The community cannot do anything. CloudFlare doesnt want to do anything.

What should I do? Should I just wait for another week and be silent? Frankly speeking I want CloudFlare to react somehow. If not, others will see that CloudFlare doesnt provide Internet Security but support frauds.

You can get things moving by following these instructions:


Whether Cloudflare does not want to do anything is something we cannot tell, however you can hardly expect them to jump when you say so. You simply need to wait until your ticket/complaint is handled.

What exactly do you want the community to do? We cannot even establish if your claim is legitimate or not.

You need to follow through with the official channel and wait for the abuse team to handle your case.

1 Like

I find it slightly awkward that you point at the community of Cloudflare when that’s just what the people here are, a community that helps people with their setups and issues they may when using Cloudflare.

At the same time, Cloudflare runs millions of websites, of course, some will turn out to be evil but that does not give you the “right” to point at them nor blame them for not having the lightning-speed reaction you seem to be after.
When you have to deal with such a large amount of customers and incidents, the queue to get attention gets longer and it’s stressful not just for you but also for the people behind Cloudflare.

You were given some advice on how to react to these cases, the best you can do is report them to Google and other search engines so that they blacklist the domains, physing has been on the internet since it was made and unfortunately, it will stay for good, the fastest response you can possibly get is from reporting it directly to the search engines/anti-virus vendors and potentially to your local authorities if possible.


This topic was automatically closed after 14 days. New replies are no longer allowed.