Phishing warnings

Tags: #<Tag:0x00007fcb4ba5e600> #<Tag:0x00007fcb4ba5e498> #<Tag:0x00007fcb4ba5e330> #<Tag:0x00007fcb4ba5e1c8>


Yeah - we all get that same patronising BS when we fill in the reports.

As this is Google it is all probably being filed away in /DEV/NULL/ but something has to be done. Anyone know any lawyers who can fill in that form and explain that they are accusing the wrong people?


On the homepage, it’s probably triggered by one (or more) of the cover art images in the “Recent Additions” section. Since that section is constantly being updated, it would explain why the warnings come and go.


I realise it is the links on the front page to the images. What I mean by it’s randomness is there are always links on the front page. Always linking to a small number of servers. Only ever loading an image. Sometimes the warnings appear, other times not even though the images are coming from the same server.

It is never correct in its accusations. Those images, and the way they are loaded, are not going to deliver anything dangerous to you.

I had one warning pop-up on the “My Open Edits” page when the only images in view were ones I had uploaded the day before… :roll_eyes:

Their scam warning is not narrow enough. It has no ability to understand the concept of a shared server. So it sees something bad on one little corner of the Wayback Machine and then paints the whole huge server as “bad”. There should be the same warning for anyone visiting GoogleDrive as there are bad things hosted in corners of that too.


So who are we supposed to ask to have the recently added section and all CAA images removed from the main page ?


You’re supposed to file a ticket under if you have something you wish to see changed on


Oh yes we could trick the homepage by showing the Amazon image for the new releases that have both a CAA and an Amazon link.
Recent Additions are already a filtered down list anyway.


But that won’t solve it for the other pages that display images. It is just delaying the point someone would see the warning message.

This has to be hassled at the Google end. That is where the real issue lies.

And please - no Amazon images. Most of the time when I login there are unusual images being shown that are unlikely to be on Amazon. Saw someone uploading a bunch of old Punk Cassettes the other day. It is quite an enjoyable feature seeing a random selection of images that I wouldn’t normally ever see.


This issue has been discussed in weekly meeting yesterday. Everyone agreed on temporarily hiding cover art on the homepage from Chrome-based browser. But I cannot reproduce the issue.

For example, the above mentioned server still contains harmful content according to Safe Browsing, but including cover art hosted on it doesn’t trigger any alert.

Is the issue still current? Or does it only happen on the homepage? Anyone facing this issue again, please report the list of recent additions (with links or MBIDs) present on the homepage at that time.


I use Vivaldi, based on Chrome.
I only had this problem for one day maximum, but maybe I did check a box saying « don’t bother me again for this site, I trust it. » ?

6 minutes later:

How ironic, as soon as I thought I did not have this at all for days and days, I go to a random release and then click on its 16th track’s recording (try it, click that recording) and got that dreaded red screen of hell, again!

Actually I am using FUNKEY CAA user script that shows me all those release cover arts.
Without user script, you might have to locate which of those releases does trigger the google red screen of hell.

Then I clicked on visit this unsafe site and indeed I am no longer warned.
It may have stored my wish to visit this (ahem) unsafe site for a week or two.


Thank you, I cannot get the same dreaded red screen of hell even after visiting every of those releases, but at least you confirmed the issue is still current. I just filed MBS-9930. There is no way to reliably reproduce the issue as each CAA item may be available from more than one IA server.


Please don’t hide coverart on the front page. That really won’t solve much. And just make a more boring page to visit.

Better to start TALKING about it on the home page. Warn people of the bogus warning messages and that they need to visit Google and complain complain.

Like @jesus2099 I am also using Vivaldi and the warning can pop up randomly all over the place. And then disappear just as suddenly.

The stupid Google system does not understand that SHARED use servers are SHARED.


That doesn’t help if they never make it to the home page before the red screen of scare appears. That’s why it makes sense to hide cover art there specifically (and mention why: “Cover art is temporarily disabled on Chrome because of this issue, complain here!”), and let it be elsewhere on the site, where hopefully people will now know the warning should be ignored.


Yes. Now that makes more sense. Chrome Only warnings. Maybe a dirty great big Green and Orange pop-up box that says “Your copy of Chrome is lying to you. Complain to Google if you want your pretty pictures back”. :wink:

Then add links to “Download Firefox here”

That should help get their attention :smiley:


I just got the phishing warning immediately when I uploaded a new cover.


Were you able to end the upload process properly?


Yes, the warning came after the edit completed and MB tried to redisplay the page. It’s still giving me the red screen on that image this morning.


I got it for server now.
I should have noted the other warnings I got because I think each time there is a new supsected server, I get a new message.


I got it for server now.

I’m still glad I am using Firefox.


Getting it on this page:


Ah - so you’re the one uploading dodgy images. :rofl: Maybe this is Google doing quality control… or just trying to stop people uploading to non-Google servers. Stick the Google “knows all” Analytics back on and the warnings will stop. This is Google Mafia…

Found the problem on the server. Clearly Google has found this:

Would it help if we started listing the servers we get warned about? Though I notice most technical conversations about this say Google refuses to ever tell the server owners where the suspect files are.