Introduction
With minimal effort, scammers can mimic your domain, impersonate your brand, and trick your customers into fraudulent purchases, from long-time followers to first-time buyers.
These phishing websites don’t just put users at risk; they tank your bottom line and damage your business. Every impersonation incident can mean lost revenue, customer trust, and tarnished brand reputation.
Taking down these fake sites quickly is critical, but the process isn’t always clear. In this guide, you’ll learn exactly how to report a domain for phishing and remove impersonation sites fast, so you can protect your brand and your bottom line.
Step-by-Step: How to Report a Phishing Domain
Because this is an independent website, rather than a seller on a platform, there’s unfortunately no standard takedown form to complete.
Instead, you’ll need to report the phishing domain manually, and to multiple sources, to maximize the chances of complete site removal.
Here’s who to report the phishing domain to:
- Domain registrar
- Hosting provider
- Anti-phishing authorities
- Law enforcement
Report to the Domain Registrar
Domain registrars are the companies that provide the domain names for websites, as well as the IP address where the site lives. While registrars can’t remove infringing content from a phishing site, they can suspend or disable the domain, making it impossible for consumers to access.
To report a phishing site with a domain registrar, you’ll need to identify the registrar and follow their reporting process.
Step 1: Identify the Registrar
Domain registrars are rarely identifiable from simply visiting the website you are reporting, so you’ll need to use a search tool like Whois or ICANN.
To use these tools, just enter the phishing site’s URL to access key identification details, including the registrar and their designated abuse contact.
You may also find the site owner’s email address, site creation dates, and hosting info, all of which may come in handy for your takedown.
Step 2: File an Abuse Complaint
Most domain registrars have clear policies and dedicated channels for reporting phishing and brand impersonation.
Once you’ve identified the registrar, go to their official website and look for a “Report Abuse” or “Legal” page. Use the appropriate form or contact listed there to submit your complaint.
Step 3: What to include in your report:
Make your takedown request as clear and compelling as possible. Include:
- Your full contact information
- A brief explanation of how the phishing site is impersonating your brand
- URLS and screenshots showing the infringement
- Proof of your original website (e.g. homepage, product listings, brand assets)
- Any registered trademarks or copyrighted content
- Reports from affected customers, if available
If the registrar accepts your complaint, they may suspend the domain, effectively cutting off access to the phishing site. In the meantime, continue your takedown efforts by reporting the domain to the hosting provider next.
Report to the Hosting Provider
While registrars control the phishing site’s domain name, hosting providers are responsible for the server space where the site’s content actually lives.
They can request the removal of infringing content, and in many cases, shut down the site entirely for brand impersonation and consumer deception.
Step 1: Identify the Hosting Provider
Similar to the tools mentioned above, you can use IP search tools like Whois Lookup and Hosting checker to identify the phishing domain’s hosting provider.
Step 2: Submit a detailed takedown request
Submit a takedown notice to the hosting provider using the same evidence you provided to the domain registrar. Clearly explain how the site’s phishing activity violates the host’s terms of service, including impersonation, fraudulent sales, and any other applicable violations.
Report to Anti-Phishing Authorities
In addition to reporting directly to the companies behind the site, you should also alert anti-phishing authorities who track and shut down malicious domains across the web.
APWG, Google Safe Browsing, and Microsoft SmartScreen are some of the top anti-phishing authorities to report to in order to render the site inaccessible quickly.
Here’s how to report the domain via each authority:
- APWG (Anti-Phishing Working Group): Email reportphishing@apwg.org to report phishing. This is primarily to report phishing emails, but you can report a phishing domain as well. Provide evidence and a description of the violation in your email.
- Google Safe Browsing: Report phishing websites to Google by completing the form at Google’s Safe Browsing Report Phishing Page. Provide the phishing URL and any relevant details to help Google protect users across its platforms.
- Microsoft SmartScreen: Submit reports of unsafe websites through Microsoft’s Report an Unsafe Site form. Include the phishing URL and any supporting evidence to assist Microsoft in blocking the site across its products.
Once you’ve reported the phishing domain to anti-phishing authorities, the next step is to escalate the issue to law enforcement, especially if the attack is severe or ongoing.
Report to Law Enforcement
Have your reports failed to get the phishing domain taken down? You can try submitting additional evidence and starting new reports, but that means your brand will still be at risk as you wait for approvals.
When the threat is high and involves significant financial loss and widespread consumer harm, escalating the issue to law enforcement is crucial.
For severe cases, consider reporting to your local cybersecurity agency. If you or the phishing domain is based in the United States, submit a complaint to the FBI’s Internet Crime Complaint Center (IC3). These agencies can investigate and potentially take legal action against the perpetrators behind the phishing attack.
What to Do After Reporting
Once you’ve submitted your reports, your role isn’t quite over. Here’s how to follow up effectively and stay on top of the situation.
Respond to Follow-Up Requests
Keep an eye on your inbox after you file reports. Registrars, hosts, or anti-phishing groups may reach out asking for more details. Respond quickly to keep the process moving and improve your chances of a fast takedown.
Resubmit if your takedown was denied
If your takedown request is denied, don’t give up. Denials can happen for many reasons, from missing information to unclear evidence or even internal delays.
Review any feedback you received, gather additional evidence, and resubmit your report.
Monitor the Phishing Site
Just because you’ve reported the site doesn’t mean it goes away immediately. Until the site is fully taken down, it’s still a live threat.
Check in daily to see if the site has been removed, and if not, don’t hesitate to escalate your report or reach out to additional platforms for help. Website monitoring tools can also save you time by tracking the site automatically and alerting you to similar scam sites under different domains.
Keep Customers Informed
While the phishing site remains active, be open and upfront with your audience. Use email, social media, or banners on your site to warn customers. Share what to watch out for and how to avoid falling for the scam.
Prevent future attacks with proactive monitoring
One takedown is a win, but phishing isn’t a one-time threat. Set up domain monitoring tools to alert you when suspicious domains pop up. The sooner you catch them, the sooner you can shut them down, before they hurt your brand or your customers.
Bonus: How to Speed Up the Process
Taking down a phishing site can take days to weeks of time-consuming, manual work, all while the site stays live and continues threatening your business.
Plus, without a proactive monitoring strategy in place, sites can easily reappear under new domains and continue to wreak havoc on your brand.
For brands facing repeated attacks, an automated domain takedown tool can make a major difference.
- Save critical time: With an automated tool, you won’t have to waste time tracking down registrars and hosting providers or filling out tedious reports manually. Instead, violations are identified and reported automatically, saving you hours of hassle and stress.
- Minimize brand damage: Automated tools detect and remove phishing sites as soon as they appear, before they become a threat to your customer trust and brand reputation.
- Reduce operational headaches: Automation lightens the load on legal, IT, and security teams by eliminating repetitive tasks like monitoring and manual reporting.
- Focus on your business: With phishing threats handled in the background, you can prioritize growing your brand, not fighting fraud.
Platforms like Red Points offer automated domain detection and takedown capabilities, helping brands respond quickly to threats and reclaim control of their online presence.
Take Down Phishing Sites at Scale
Phishing sites aren’t going away any time soon, and with domains now cheap and easy to create with the support of AI, scammers can launch new threats in minutes. That means your brand and your customers are always potential targets.
To keep up, speed and scale are essential. The faster you can detect and shut down phishing domains, the less damage they can do to your reputation and customer trust.
Manual reporting can work, but it’s time-consuming and inconsistent. Automated tools can help you stay ahead by detecting phishing domains in real time and enforcing takedowns at scale, before scams spiral out of control.
If phishing is becoming too frequent or too difficult to manage alone, it may be time to invest in a smarter, faster solution like Red Points.
Related Categories