Phishing Reporter
Report dangerous URLs to abuse/safety services via browser automation.
Reporting Strategy
Report to all applicable services in order:
- 1. Google Safe Browsing (automated) — global reach, blocks in Chrome/Firefox/Safari
- NCSC Switzerland (semi-automated) — Swiss national cyber security centre
- Domain registrar (manual) — WHOIS lookup → abuse contact
Service 1: Google Safe Browsing (fully automated)
URL: �INLINECODE0
Workflow
Use the browser tool (profile: openclaw) to automate:
- 1. Open the URL above
- Report Type: "This page is not safe" (default, leave as-is)
- Click "Threat Type" dropdown → select "Social Engineering" (for phishing)
- Click "Threat Category" dropdown → select best match (see references/services.md)
- Click URL textbox → type the phishing URL
- Click Additional details textbox → type description
- Click Submit
- Verify "Submission was successful" message
Notes
- - Form uses custom dropdowns: click combobox → click option in listbox
- reCAPTCHA v3 runs invisibly — usually passes for headless browsers
- If CAPTCHA blocks: provide manual instructions as fallback
Service 2: NCSC Switzerland (chat wizard)
URL: �INLINECODE2
The NCSC uses a multi-step chat wizard (not a simple form). Automate via browser:
Chat Path for Phishing Website Reports
- 1. Open �INLINECODE3
- Click: "A website/a web service/a web platform"
- Click: "I would like to report a third-party website"
- Click: "The website displays fraudulent content"
- Click: "The website copies another known website" (for phishing clones)
- Continue through remaining steps (URL input, description, contact info)
- Submit the report
Direct Path URL (skips first steps)
�CODEBLOCK0
Notes
- - Wizard is stateful — each step reveals the next
- No CAPTCHA, but many clicks required
- Email alternative:
notification@ncsc.ch (include URL and description) - If automation fails, provide the direct path URL + instructions
Service 3: Domain Registrar (manual lookup)
- 1. Run WHOIS lookup:
whois <domain> or use �INLINECODE6 - Find "Registrar Abuse Contact Email"
- Send abuse email with phishing URL and description
Additional Details Template
CODEBLOCK1
Fallback: Manual Instructions
If automated submission fails, provide the user with:
- 1. Direct links to each reporting form
- The URL to report
- Recommended categories/types
- Pre-written description text
Additional Reporting Services
See references/services.md for full list including Cloudflare, PhishTank, and APWG.
钓鱼网站举报器
通过浏览器自动化向滥用/安全服务举报危险URL。
举报策略
按顺序向所有适用服务举报:
- 1. 谷歌安全浏览(自动化)——全球覆盖,在Chrome/Firefox/Safari中拦截
- 瑞士NCSC(半自动化)——瑞士国家网络安全中心
- 域名注册商(手动)——WHOIS查询→滥用联系邮箱
服务1:谷歌安全浏览(全自动)
网址:https://safebrowsing.google.com/safebrowsing/report_phish/?hl=en
工作流程
使用浏览器工具(配置文件:openclaw)自动化:
- 1. 打开上述网址
- 举报类型:此页面不安全(默认,保持原样)
- 点击威胁类型下拉菜单→选择社会工程(针对钓鱼)
- 点击威胁类别下拉菜单→选择最佳匹配(参见references/services.md)
- 点击URL文本框→输入钓鱼URL
- 点击附加详情文本框→输入描述
- 点击提交
- 验证提交成功消息
备注
- - 表单使用自定义下拉菜单:点击组合框→点击列表框中的选项
- reCAPTCHA v3静默运行——通常对无头浏览器通过
- 如果CAPTCHA拦截:提供手动说明作为备选方案
服务2:瑞士NCSC(聊天向导)
网址:https://www.report.ncsc.admin.ch/en/
NCSC使用多步聊天向导(非简单表单)。通过浏览器自动化:
钓鱼网站举报的聊天路径
- 1. 打开https://www.report.ncsc.admin.ch/en/chat?path=406%3E407%3E1
- 点击:一个网站/一个网络服务/一个网络平台
- 点击:我想举报一个第三方网站
- 点击:该网站显示欺诈内容
- 点击:该网站复制了另一个已知网站(针对钓鱼克隆)
- 继续完成剩余步骤(URL输入、描述、联系信息)
- 提交举报
直接路径URL(跳过前几步)
https://www.report.ncsc.admin.ch/en/chat?path=406%3E407%3E1%3E128%3E132%3E133%3E314%3E130%3E135
备注
- - 向导有状态——每一步显示下一步
- 无CAPTCHA,但需要多次点击
- 电子邮件备选:notification@ncsc.ch(包含URL和描述)
- 如果自动化失败,提供直接路径URL+说明
服务3:域名注册商(手动查询)
- 1. 运行WHOIS查询:whois <域名>或使用https://who.is/<域名>
- 查找注册商滥用联系邮箱
- 发送包含钓鱼URL和描述的滥用邮件
附加详情模板
冒充[品牌]的钓鱼网站。域名模仿[真实服务]的客户服务。
旨在窃取[银行凭证/登录数据/个人信息]。
备选方案:手动说明
如果自动提交失败,向用户提供:
- 1. 每个举报表单的直接链接
- 要举报的URL
- 推荐的类别/类型
- 预写的描述文本
其他举报服务
完整列表请参见references/services.md,包括Cloudflare、PhishTank和APWG。
