announcement: reporting and mitigating malicious websites and phishing

On the public botnets mailing list, there have been quite a few "off topic" reports of Malicious Websites. Sites holding malware, malicious code, drive-by installs, phishing sites, etc. The botnets list is of high traffic while it is busy figuring itself out.

We expected this might happen, and so we prepared a second list where these can be handled, along with potentially phishing, etc.
Baddies on Websites.

There is quite a community of sysadmins, security professionals, etc. who deal with these daily. It was nice to find the public being so effective.

The new PUBLIC and OPEN mailing list where anyone can join in
and report suspected malicious web sites is now open.

The mailing list will serve as as place:
*. Where you can discuss detection techniques.
*. Where you can report the sites.
*. Where all relevant groups (private or otherwise) will get your reports.
*. Where the relevant ISP will be automatically notified.
*. Where you can see action taken on your reports.

To subscribe, go to the following page:

Otherwise, to report a malicious website/phishing PRIVATELY and reach all relevant groups, please send email to: