Report Abuse

When an email phishing report is sent through our abuse form, it is sent through our report email phishing tool, a report is also filed with the APWG, ACMA, NZ DIA and UK NCSC. The data is also used to help improve Thexyz spam filtering.

It does not always result in blacklisting, although it does help various services gather data on email abuse and put in place measure to help fight abuse.

You can copy and paste the email data, including the email headers or upload the email as a file. Please ensure that the email file is compressed as a zip before uploading to our reporting tool.

You can use our Blacklist check tool found here: bl.thexyz.com.

Anytime data is shared through us, it is covered by our Privacy Policy. Each report is saved on our servers for a period of one year and after then it is permanently deleted. Report data is shared with orangizations as noted on the submission form.

No. We are accept reports from any service, as long as it is a phishing/spoof email and not spam.

Our reporting tool is programmed to inform all relevant parties and organiations that deal with fighting email phishing abuse. It also can inform any organizations that are being spoofed, these organizations often take email spoofinf seriously and will often inform users of phishy emails to help prevent these malicous campaigns from commiting fraud.

As well as filing a report with APWG, FTC and Thexyz anti-abuse team, it also has the ability to inform the organization being spoofed, if selected on the report. The following organizations are currently integrated into the tool:

• Adobe
• Amazon
• Apple
• AT&T
• Bank of America
• CIBC
• Chase
• Comcast
• Desjardins
• DHL
• DocuSign
• Dropbox
• Ebay
• Facebook
• Fedex
• ICANN
• Geico
• Linkedin
• Microsoft
• Netflix
• Orange
• PayPal
• Rackspace
• Rogers
• Royal Bank of Canada
• Societe Generale
• SunTrust
• Telus
• UPS
• Wells Fargo
• Wetransfer