Duis mollis, est non commodo luctus, nisi erat porttitor ligula, eget lacinia odio sem nec elit. Sed posuere consectetur est at lobortis. Vestibulum id ligula porta felis euismod semper. Donec ullamcorper nulla non metus auctor fringilla. Aenean lacinia bibendum nulla sed consectetur. Cras justo odio, dapibus ac facilisis in, egestas eget quam. Cras mattis consectetur purus sit amet fermentum. Morbi leo risus, porta ac consectetur ac, vestibulum at eros. Sed posuere consectetur est at lobortis. Etiam porta sem malesuada magna mollis euismod. Cum sociis natoque penatibus et magnis dis parturient montes, nascetur ridiculus mus. Duis mollis, est non commodo luctus, nisi erat porttitor ligula, eget lacinia odio sem nec elit. Cras justo odio, dapibus ac facilisis in, egestas eget quam. Aenean eu leo quam. Pellentesque ornare sem lacinia quam venenatis vestibulum. Curabitur blandit tempus porttitor. Sed posuere consectetur est at lobortis.
I have NIS2008 running on Vista Home Premium, all as factory-installed by Dell. Today, for the first time ever, I was blocked from signing in to my Marriott.com account with the following Norton screen:
Fraudulent Web Page Blocked
You attempted to access:
https://www.marriott.com/j_security_check
This web page is a known fraudulent web page. It is recommended that you do NOT visit this page.
For your protection, this web page has been blocked. Visit Symantec to learn more about phishing and internet security.
I have run LiveUpdate (as suggested in another similar thread), but to no avail. As a test, I successfully signed in to my Marriott.com account from another computer that doesn't use Norton protection. Also, I am still able to sign in to many other secured accounts from this computer without any interference. I reported the problem to Marriott Customer Service, but apparently it is not a glitch in their system as they had not heard of it before. My best guess is that there was some change in NIS in the last 24-48 hours that results in this unintended false positive.
Please advise how I can fix this problem, as I need reliable access to my Marriott account to manage my reservations.
Thanks!!!
Hi David,
Changes have been made to the definitions on the LiveUpdate server. Please run LiveUpdate to install these changes, then restart the system and run LiveUpdate again just to make sure everything has been installed. Once you are satisfied all updates have been applied, please try to reproduce the issue you reported. This issue should be resolved now.
Let me know. Thanks!
Iām confused. You say to let you know if a web site is mistakenly reported as fraudulent. How would we know??? I thought that was what you were supposed to be telling me? I got a message that planetsark.com was fraudulent (same message as noted above). That really surprised me because she is a best-selling author and artist and that web site has been up for years. But I have no personal knowledge of her business practices.
the marriott website most likely was not hand picked on to "be on the list"...
problem is fraud sites move around so when symantec puts them on the list they don't just add www.somefraudsite.com to a list of known sites, instead they develop a signature for the site and add that to the definitions. The problem comes along when marriott.com's site also gets caught up in that signature... if they just had a list of web addresses the bad guys would just move to www.nextfraudsite.com as soon as www.somefraudsite.com made the list.
so then someone has to come along and report that marriott site is falsely being accused, and the signature has to get re-written so it's not flagging the good site but still finds the bad ones...
Hi MasterComposter,
If you find a site marked fraudulent that your instincts tell you is legitimate, like planetsark.com, then go ahead and submit the URL for review at the site https://submit.symantec.com/antifraud/false_positive.cgi. Currently we use automated heuristic detection to identify sites as fraudulent.
Let me explain: Before a page loads, the site is scanned for indicators. If enough of these indicators are alerted, a page is given a āspoof ratingā. This rating is what helps to determine if a site is a phish or not. With any heuristic detection there are going to be False Positives. This is when a member of Symantec Security Response is required to review the site submitted via https://submit.symantec.com/antifraud/false_positive.cgi to ensure the server has indeed made a correct determination. If a False Positive (FP) or a False Negative (FN) is noted, Symantec Response places that URL on either the āblockā or āallowā list for correction. A new Block List is then created by the server and sent to the client via an updated config file (sometimes referred to as Fraud Definitions). A high majority of the time FPās are corrected within minutes of being reviewed by Response. As a note, our FP rate is less than 1% in the field. We think we can do better, and are continually working on ways to improve the heuristic detection.
Does this answer your question?
THatās a very good explanation. Thank you. I just recently moved over to PC (which was a gift from brother) from Mac. Never even thought about protection with Mac because so few in that environment, so Iām a bit behind the curve on learning everything. Thank you for your help.
I apologize for any inconvenience this may have caused you.
We encourage our customers to submit websites misidentified as fraudulent via the web site:
https://submit.symantec.com/antifraud/false_positive.cgi
I have gone ahead and submitted https://www.marriott.com/j_security_check for you on that site.
Cheers,
(Edited to fix typo.)