How to prevent your website from being flagged as a Phishing Site
There are several things you can do that can help minimize the chance of your site being flagged as suspicious. Think of these as best practices or optimal Web site design ethics.
# 1: Use secure sockets layer (SSL) certification with a current server certificate issued by a trusted certification authority if you ask users for personal information.
# 2: Make sure that your Web page doesn’t expose any cross-site scripting (XSS) vulnerabilities. Protect your site by using anti-cross-site scripting attack tools
# 3: Use the fully-qualified domain name. All domains should reverse to actual domain names, not numeric IP addresses. This means a URL should look like “microsoft.com” and not “207.46.19.30.”
# 4: Avoid using the @ symbol before the fully-qualified domain name in your URL. The @ symbol enables phishers to concoct deceptive URLs and is therefore immediately suspicious to Phishing Filter.
# 5: Don’t encode or tunnel your URLs unnecessarily. If you don’t know what this means, you probably aren’t doing it.
# 6: If you post external or third-party hosted content, make sure that the content is secure and from a known and trusted source.
# 7: When building the content on your site, don’t use invisible text, JavaScript redirects or doorway pages
Related Links:
1. What a PayPal phishing email looks like and How to detect it
2. Unauthorized access to your PayPal account