Domain blocked as identified wongly as phishing site #1185

New Issue

OVERLORD · 2025-10-09T17:07:05+03:00

OVERLORD commented

2025-10-09 17:07:05 +03:00

Originally created by @christofkac on GitHub.

I was yesterday informed by my dns provider, that my vaultwarden site was identified by as a phishing site and therefore blocked.

Here the mail which I received mentioning that we use the bitwarden logo and therefore breach a trademark:

Hello,

Please be informed that the chrkac [.] com domain name was reported as involved in abusive activity by a trusted organization. During the investigation, it was noticed that your website content is a copy of the Bitwarden official website. On that ground, we were forced to suspend the domain name due to phishing activities, which include unauthorized use of the legitimate organization denomination and attempts to acquire sensitive information such as usernames, passwords, etc.

As the domain name contains a trademark and uses a logo of the registered brand, for us to be sure that it was registered for legitimate purposes only, you will need to provide us with paperwork proving your cooperation with the Bitwarden website and their consent to use their official denomination in your domain name. Such evidence may be an official document that outlines your relation to official business.

Alternatively, an official representative of Bitwarden can email us directly via legalandabuse@namecheap.com with a claim that you have the lawful ground to act on their behalf.

The paperwork should be scanned, converted to PDF format, and sent to us via email.

Thank you for understanding. Looking forward to hearing from you

I've seen on reddit.com that I'm not alone: https://www.reddit.com/r/Bitwarden/comments/t4n84j/my_bitwarden_instance_has_been_flagged_as_a/

Any idea how to proceed?

Originally created by @christofkac on GitHub. I was yesterday informed by my dns provider, that my vaultwarden site was identified by as a phishing site and therefore blocked. Here the mail which I received mentioning that we use the bitwarden logo and therefore breach a trademark: > Hello, > > Please be informed that the chrkac [.] com domain name was reported as involved in abusive activity by a trusted organization. During the investigation, it was noticed that your website content is a copy of the Bitwarden official website. On that ground, we were forced to suspend the domain name due to phishing activities, which include unauthorized use of the legitimate organization denomination and attempts to acquire sensitive information such as usernames, passwords, etc. > > As the domain name contains a trademark and uses a logo of the registered brand, for us to be sure that it was registered for legitimate purposes only, you will need to provide us with paperwork proving your cooperation with the Bitwarden website and their consent to use their official denomination in your domain name. Such evidence may be an official document that outlines your relation to official business. > > Alternatively, an official representative of Bitwarden can email us directly via legalandabuse@namecheap.com with a claim that you have the lawful ground to act on their behalf. > > The paperwork should be scanned, converted to PDF format, and sent to us via email. > > Thank you for understanding. Looking forward to hearing from you I've seen on reddit.com that I'm not alone: [https://www.reddit.com/r/Bitwarden/comments/t4n84j/my_bitwarden_instance_has_been_flagged_as_a/](url) Any idea how to proceed?

OVERLORD closed this issue

2025-10-09 17:07:06 +03:00

OVERLORD commented

2025-10-09 17:07:07 +03:00

@BlackDex commented on GitHub:

For a company i work for we receive these kind of message almost every week. That company sells Spotify, Google Play Cards, Apple iTunes cards etc.. etc.. And we receive almost every week (sometimes less) a mail about using a logo which is trademarked while those sites are trying to sell products which provide money for them.

Also, some rouge companies even pretend to act in the name of the trademark holder, while try only try to scam you into paying some kind of fee or fine or whatever.

Regarding the phishing, i think that is more a browser issue, or maybe a anti-virus software or maybe even some firewalls.
I'm not sure what you think this project or for that matter even Bitwarden can do regarding matching on a domain name and flagging it as potential harmful.

If using a different sub-domain works, then i suggest to do that, and report this false positive to the tool which is marking it as unsafe.

@BlackDex commented on GitHub: For a company i work for we receive these kind of message almost every week. That company sells Spotify, Google Play Cards, Apple iTunes cards etc.. etc.. And we receive almost every week (sometimes less) a mail about using a logo which is trademarked while those sites are trying to sell products which provide money for them. Also, some rouge companies even pretend to act in the name of the trademark holder, while try only try to scam you into paying some kind of fee or fine or whatever. Regarding the phishing, i think that is more a browser issue, or maybe a anti-virus software or maybe even some firewalls. I'm not sure what you think this project or for that matter even Bitwarden can do regarding matching on a domain name and flagging it as potential harmful. If using a different sub-domain works, then i suggest to do that, and report this false positive to the tool which is marking it as unsafe.

Sign in to join this conversation.

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/vaultwarden#1185