Help Protect Other Users
One of the most effective ways to help others in our community is to report phishing emails. Our tools scan and analyze your submissions every hour and add any newly found malware or phishing URLs to our lists right away.
There are other ways to contribute to the Malware Patrol Project. If you have an idea for partnering or sharing data that is not mentioned here, please contact us.
Report False Positives
We do our best to avoid false positives, but they may occur. If you believe something is miscategorized, send a message to fp (at) malwarepatrol.net and we will promptly investigate.
Send Us Your Feedback
Your feedback is valuable and much appreciated. Tell us what is working, what could be better, your needs and how we can improve. Send a message to us at support (at) malwarepatrol.net.
Set Up a Spam Trap
Forward the contents of your spam traps to email@example.com. If you need help setting one up, send an email to support (at) malwarepatrol.net.
Report Phishing Emails and Other Suspicious Content
Please forward suspicious URLs and suspected phishing emails to firstname.lastname@example.org. Feel free to share this email with others. Our automated system will extract dangerous URLs, and in no more than an hour, they will be visited and analyzed. If malware or a phishing website is found, the address will be added to our blocklists which are used by thousands. One submission can make a huge impact!
We are grateful to the cybersecurity community members that create and/or curate content and IoCs to share with others. (This includes the ability to report phishing emails!) Also, for the organizations that host threat exchange platforms to facilitate free access to community-sourced data. Malware Patrol publishes a variety of indicators daily on Alien Vault OTX.
Our team compiled a list of resources that they have used or bookmarked during the course of their work. They are organized by category and shared below. Due to the vast amount of information to which these links lead, Malware Patrol cannot ensure the accuracy of their content.
DDoS Attacks (Imperva)
Distributed Denial of Service (DDOS) Attack Mitigation (Identity-Theft-Scout.com)
What is a DDoS Attack? (Cloudflare)
Awesome Malware Analysis (rshipp)
Evasion Techniques Encyclopedia (CheckPoint)
Explained: Packer, Crypter, and Protector (Malwarebytes)
Free Malware Sample Sources for Researchers (Lenny Zeltser)
Malware Naming (Microsoft)
Malware Reports (SecureList)
What are exploits? (And why you should care) (Malwarebytes)
Why Domain Generating Algorithms (DGAs)? (TrendMicro)
Before You Pay that Ransomware Demand (Brian Krebs)
A History of Ransomware Attacks (DigitalGuardian)
Ransomware Detection and Decryption Tools (VinRansomware)
Ransomware Listing (NJCCIC)
6 Common Phishing Attacks (TripWire)
FTC Guidance for Handling Phishing Scams (National Law Review)
A Technical Demonstration of an Email Phishing Attack (Bsides Philly)
What is Phishing? (Phishing.org)
Research & Tools
10 Free or Low-Cost Security Tools (Dark Reading)
51 Tools for Security Analysts (WordFence)
The Book of Secret Knowledge (@trimstray, Github)
Community Tools (Crowdstrike)
CSIRT Services Framework (FIRST)
Database Security Tools (Infosec Institute)
Free & Open Source Computer Forensics Tools (Infosec Institute)
Online Security Classes (Open Security Training)
OSINT IntelTechniques (Michael Bazzell)
Pentest Tools (Carrie Roberts/Tripwire)
Security APIs (Alexander Jäger)