False Positive | banking-oberbank.at

[DS3-IT]

What are the subjects of the false-positive (domains, URLs, or IPs)?

banking-oberbank.at

Why do you believe this is a false-positive?

I believe this is a false-positive because this website is owned by 3 Banken IT, the IT service provider of Oberbank
https://urlscan.io/result/a565d6bf-363b-4a44-8f08-6e9782750e19/

How did you discover this false-positive(s)?

Other (Please fill out the next box)

Where did you find this false-positive if not listed above?

Brand Mentions on Github

Have you requested a review from other sources?

No

Do you have a screenshot?

Screenshot

Additional Information or Context

https://urlscan.io/result/a565d6bf-363b-4a44-8f08-6e9782750e19/

[spirillen]

This is weird,,, I do not find the domain in my latest ALL-phishing-links.csv(1 minutes old)

While it is listed within hosts-sources project (1 hour since last update)

Conclusion

Putting on hold

[DS3-IT]

Hello, it´s in phishing-domains-ACTIVE.adblock on repo Phishing.Database

[spirillen]

Hello, it´s in phishing-domains-ACTIVE.adblock on repo Phishing.Database

That ain't a valid resource, only chose listed on https://github.com/Phishing-Database#-download-data are considered valid

Now I see it in the link list. Taking it from here

Hmmm haven't you been validating your relation to the domain by adding a TXT record??

---

Please add the following TXT to the domain. This is a security check to limit the risk of interacting with the phisher.

Verification Required

Thank you for submitting a false positive report! To help us verify your ownership of the affected domain(s), please complete the following steps:

1. Set a DNS TXT record for the domain(s) listed in this issue with the following details:

   • Record Name: _phishingdb
   • Record Value: antiphish-0a9405626d32073d896a0439e80766b91119ca56

   Your Verification ID:

   antiphish-0a9405626d32073d896a0439e80766b91119ca56
   

2. Wait for DNS propagation (this may take a few minutes to a few hours).

3. Reply to this issue once the TXT record has been set.

Important Notes

* **Verification does not guarantee whitelisting**. The Phishing.Database team will review your report after verifying ownership, but the decision to whitelist depends on further investigation and analysis.

* If the record cannot be set or you need alternative methods of verification, please contact us at [[email protected]](mailto:[email protected]) - preferably from the domain's official email address.

How to Check the TXT Record ?

You can verify that the TXT record is properly set using:

* The command line:
  ```
  dig TXT _phishingdb.example.com
  ```

Thank you for your cooperation! We will address your issue as soon as possible after verification.

The Phishing.Database Project Team.