Brian Suda's h2vx.com parsers are not phishing or malware sites but are detected that way.  The protocol to have his hCard parser return a vCard after parsing hCard microformat tagged HTML is to add href="http://h2vx.com/vcf/www.example.com/path-to-hCard-page.ext" to an anchor.  This is where "path-to-hCard-page.ext" might be replaced with something like contact.php for instance.  That link might look like this:<a href="http://h2vx.com/vcf/www.example.com/contact.php" title="Download vCard">Download vCard for Outlook"</a>

This calls his parser, tells it to open "contact.php" on the domain "example.com" then look for hCard microforrmat tagged HTML content, parse it into a vCard, then present you with that vCard for download.  Saves <s>mis</s>re-typing errors, provides search agents with higher confidence content, no downside.

Microformat encoded HTML is gaining popularity.  Engineers should evaluate the response returned when a user clicks to download a vCard in this manner and reevaluate the characteristic warning message.  Thanks for your consideration.