Support article
How to report a phishing site or fake website
Learn how to report a phishing page or fake website to protect your users and reduce online fraud.
Introduction
Phishing is a form of fraud in which a page, email or form pretends to be a legitimate company in order to steal passwords, banking details or personal information.
If you find a fake page impersonating your company, your domain or any known service, it is important to report it as soon as possible. The more reports that URL receives, the faster browsers, search engines and security systems may be able to block it.
In this guide we explain how to report a phishing site and which information it is useful to gather before sending the report.
Information to gather before reporting the page
Before sending the report, prepare these details:
- The full URL of the suspicious page.
- A short explanation of the issue.
- Screenshots, if you have them.
- The legitimate domain it is trying to impersonate, if you know it.
- The email, message or link from which you reached the fake page.
Do not enter your data on the suspicious website. If you already did, change your passwords immediately and review your accounts.
How to report a phishing page
1. Report the URL to Google Safe Browsing
Google Safe Browsing helps block dangerous pages in browsers and services that use its security lists.
To report a fake page, go to Google’s phishing report form and submit the suspicious URL with a short description.
2. Report the URL to Microsoft Security Intelligence
Microsoft also has systems to analyze and classify dangerous pages. Reporting the URL can help protect Microsoft Edge, Outlook and other related users and services.
Indicate that it is a phishing or impersonation page.
3. Report the abuse to the hosting provider or registrar
If you can identify who hosts the fake page, you can send an abuse notice to the hosting provider or the domain registrar.
To do that:
- Copy the full URL.
- Look up the provider responsible for the domain or IP.
- Send an email to its abuse contact.
- Include screenshots, an explanation and the legitimate website being impersonated.
If the fake site is using miHosting.com infrastructure, you can report it to our team so we can review it.
What to do if the fake page impersonates your domain
If the page is pretending to be your company or domain:
- Publish a temporary warning through your official channels if your customers may be affected.
- Change passwords for panels, email and internal systems.
- Review whether your domain has been compromised.
- Check that there are no suspicious files in your hosting account.
- Open a support ticket if your website is hosted at miHosting.com.
The goal is to act quickly to reduce the risk of data theft.
Useful tips
- Do not open suspicious links from emails or direct messages.
- Always verify the domain before logging in.
- Use unique passwords for each service.
- Enable two-factor authentication whenever possible.
- Keep WordPress, plugins, themes and other CMS platforms updated.
- Do not download files from pages you do not recognize.
Common problems
The fake site is not blocked immediately
Reports may take time to review. Even if you send the report, the page may remain active for a while.
I do not know who hosts the fake page
You can still report it to Google and Microsoft. If you need to identify the provider, you can use WHOIS tools or ask technical support.
The fake page uses my brand or my data
In addition to the technical report, it may be advisable to keep evidence and seek legal advice, especially if customers are affected.
Frequently asked questions
What is a phishing page
It is a fake page designed to look legitimate and trick users into entering passwords, banking details or other sensitive information.
Should I open the fake page to verify it
No. If you already have the URL, avoid interacting with forms, downloads or buttons on the suspicious website.
Can miHosting shut down a fake website
miHosting can act on sites hosted on its own infrastructure. If the page is hosted by another provider, you will need to report it to that provider or to security platforms.
What should I do if I already typed my password into a fake page
Change the password immediately, review recent access, enable 2FA and also change any other account where you use the same password.
Conclusion
Reporting a phishing page helps protect other users and reduces the impact of fraud. Gather the URL, send the report to the main security systems and contact the responsible provider if you can identify it.
If the fake page affects your website hosted at miHosting.com, open a support ticket so we can guide you.