Reporting a LetsEncrypt Certificate Being Used on A Malicious Site


We got this site: (fake site) used to stole banking users and password, they are stoling information to transfer money from the scammed users.

The real site is:

Is there a easy form to report certificates in order to warn users about the danger?

Thanks in advance


Hello @jmgt,

Let’s Encrypt won’t revoke the certificate, take a look to this post from ISRG Executive Director.

What you should do is report the scam site to Google Safe Browsing and Microsoft SmartScreen (I don’t use Internet Explorer but I think you can report a phising site from IE directly).

Edit: Here a site that explains how to report a malicious site from Internet Explorer. I’ve already reported it to Google and Microsoft.

Edit 2: Changed the link to Google Safe Browsing, I used the link to report malware instead of the link to report phising.

Edit 3: I’ve checked again (2017-May-03 at 07:20 UTC) the scam site and it is flagged as scam already (at least using Firefox browser).



This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.