Phish Report Network Frequently Asked Questions

CORPORATE MEMBERS

• How much does it cost to join?
  
• How do I submit phish sites that are attacking my company's brand for distribution through the Phish Report Network?
  
• What if I accidentally submit a false positive (a legitimate site) into the Phish Report Network?
  
• What if I'm not sure if a Web site is a phish site attacking my company's brand?
  
• How do I become a Receiver?
  
• How do I start the process of becoming a Sender?
  

CONSUMER CONTRIBUTORS

• Does it cost anything to participate?
  
• How do I submit fraudulent phishing sites for distribution through the Phish Report Network?
  

CORPORATE MEMBERS Q&A

How much does it cost to join?

• For Senders, it's free!
• To become a Receiver of the Phish Report Network data, the annual network maintenance fee is $50,000.

• For Senders who occasionally need to submit a phish URL into the network, we have a secure Web browser form that can be used to submit individual URLs one at a time.

  For companies that have many phish URLs they want to systematically submit into the network using their own script, we have an https API they can use to integrate with their own script.

• We will provide you a method to notify us as quickly as possible since the terms and conditions of your agreement holds a Sender liable for any losses or damages a user encounters as a result of a false positive submitted into the network. After you agree to the terms and conditions of the Sender (a.k.a. "Data Provider") agreement and we formally acknowledge you as a Phish Report Network Sender, we will provide that method to you.

  In the agreement, you will see that two (2) false positives submitted in one quarter means that the Sender will need to submit a plan to Symantec within five (5) business days after Symantec requests it detailing the corrective actions that the Sender will take to improve data accuracy. If the Provider submits another False Positive URL during the thirty (30) day period which follows, Symantec can terminate the Agreement.

• We provide guidelines in our Terms & Conditions agreement that you can use.

• To become a Receiver (a.k.a. "Subscriber") of the phish URL data, companies will be required to sign a paper contract. If you are interested in becoming a Receiver, please email Symantec at phish_report_network@symantec.com. In your email, please provide a brief summary of your company and how you believe the data can help your business.

• If your company would like to be a Sender (a.k.a. "Data Provider"), you can click here to review the PRN Data Provider agreement, and start the process of signing up online by clicking on the link at the bottom of the agreement. After you agree to the terms and fill out the Web form with your company contact information, we will respond back within 5 business days to acknowledge your acceptance into the Phish Report Network, or get more information to complete your application.

  Note: Because there is no fee associated with submitting URLs and it would be impossible to customize agreements given the number of Senders signing up, we cannot accommodate modifications to the standard Data Provider agreement.

CONSUMER CONTRIBUTORS Q&A

Does it cost anything to participate?

• For Consumers, it's free!

How do I submit fraudulent phishing sites for distribution through the Phish Report Network?

• The process is simple and straight-forward, allowing anyone who has received a fraudulent email message to help thwart would-be victims by getting the information about the attack into the hands of AntiFraud solution providers and law enforcement through the PRN.
• Consumers just need to visit the following web page to start sending suspected phishing email messages to the PRN.