Summary
Your website link is likely flagged as malware on LinkedIn and listed by Spamhaus and Fortinet due to a confluence of potential issues. These range from technical glitches and false positives to actual security compromises and reputation problems. Key areas to investigate include potential malware or phishing content on your website, server or DNS compromises, hosting-related issues (especially on shared hosting), problems with email link or domain reputation, and possible misinterpretations by MXToolbox. Regular monitoring, proactive security measures, and communication with the flagging services (LinkedIn, Spamhaus, Fortinet) are crucial for resolution.
Key findings
- Technical Issues: The Spamhaus/MXToolbox listing may be due to an MXToolbox bug or user error. Malware warnings on LinkedIn might be non-email related.
- Security Threats: Your website could be compromised, hosting malware or a phishing landing page. A thorough security scan is necessary.
- Reputation Problems: Poor domain or email link reputation can lead to flagging. Building domain authority and improving sender reputation are important.
- Blacklisting Factors: Blacklisting can occur due to spam activity, malware distribution, or website compromise. Identify and remediate the cause.
- False Positives Possible: The flagging may be a false positive. Submitting your site for review by LinkedIn, Spamhaus, and Fortinet is recommended.
- Hosting Environment: Shared hosting environments can be problematic if other users on the server are engaging in malicious activities.
- DNS Tampering: DNS records might be tampered with, redirecting users to malicious websites.
Key considerations
- Run Security Scans: Regularly scan your website for malware, vulnerabilities, and any signs of compromise using tools like Sucuri SiteCheck or VirusTotal.
- Monitor Reputation: Actively monitor your website's domain and email sending reputation using available online tools.
- Contact Flagging Services: Contact LinkedIn, Spamhaus, and Fortinet for clarification and to request a review and removal if the flagging is incorrect.
- Review Hosting: Consider upgrading to a more secure hosting environment, especially if on shared hosting.
- Secure DNS: Ensure your DNS records are secure and haven't been tampered with.
- Improve Sender Reputation: Implement proper email authentication (SPF, DKIM, DMARC) and practice good email sending habits to improve sender reputation.
- Stay Updated: Keep your CMS, plugins, and other software up-to-date to prevent vulnerabilities.
- Address Complaints: Address any complaints related to spam or unsolicited communications promptly.
- Google Search Console: Regularly review Google Search Console to check for any security related findings.
What email marketers say
12 marketer opinions
Your website link might be flagged as malware on LinkedIn and listed by Spamhaus and Fortinet due to several reasons. These include: a potential false positive requiring submission for review, actual malware or phishing content on your site (requiring a thorough scan), a compromised server or DNS, issues with your hosting provider (especially shared hosting), problems with email link reputation (if the link is used in email campaigns), a new domain with a low reputation, or incorrect interpretation by MXToolbox. LinkedIn's flagging could also be due to temporary glitches, aggressive spam filters, or TOS violations. Proactive monitoring, maintenance, and remediation steps are crucial.
Key opinions
- False Positives: The flagging might be a false positive; submit your site for review and removal from lists.
- Malware/Phishing: Your website may contain malware or phishing content; scan your site with tools like Sucuri SiteCheck or VirusTotal.
- Compromised Server/DNS: Your server or DNS may be compromised; check for suspicious activity and potential domain hijacking.
- Hosting Issues: If using shared hosting, another user may be affecting your reputation; contact your hosting provider.
- Email Link Reputation: Poor email link reputation could cause flagging; improve sender reputation and clean your email list.
- New Domain: New domains may face stricter scrutiny; build trust over time.
- MXToolbox Error: Spamhaus listing shown on MXToolbox may be due to the tool's incorrect interpretation.
- LinkedIn Glitches/Filters: LinkedIn flagging could be due to glitches, aggressive filters, or TOS violations; contact LinkedIn support.
Key considerations
- Scan and Clean: Regularly scan your website for malware and vulnerabilities, and promptly clean any issues found.
- Monitor Reputation: Actively monitor your website's reputation using online tools and address any negative feedback.
- Contact Support: Contact LinkedIn, Spamhaus, and Fortinet support to investigate the flagging and request removal if necessary.
- Secure Hosting: Consider switching to a more secure hosting environment if shared hosting is causing problems.
- Domain Privacy: Public WHOIS information is preferable but not critical. Ensure domain information is accurate.
- Check Email Authentication: Ensure your email authentication is set up correctly (SPF, DKIM, DMARC) to improve sender reputation.
- Content compliance: Ensure your website's content complies with relevant platform policies and terms of service.
Marketer view
Email marketer from Quora suggests checking if your DNS records have been tampered with or if your domain has been hijacked, as this can redirect users to malicious websites and trigger security warnings.
2 Jul 2021 - Quora
Marketer view
Email marketer from Email Geeks shares that the domain is listed by Fortinet as potential phishing and suggests contacting them to resolve it, assuming it's a false positive.
25 Jul 2022 - Email Geeks
What the experts say
7 expert opinions
Your website link might be flagged as malware on LinkedIn and listed on Spamhaus and Fortinet for several reasons, including a potential MXToolbox error, non-email related malware warnings, potential website compromise hosting a phishing page, and poor domain/sender reputation. Building domain reputation over time, monitoring blacklist status, and remediating any issues found are critical. LinkedIn support may also offer clarification.
Key opinions
- MXToolbox Error: The Spamhaus/MXToolbox issue may be due to an MXToolbox bug or user error. Ignore if it's an IP lookup in a domain name list.
- Non-Email Malware Warnings: Malware warnings on LinkedIn may not be email-related; contact LinkedIn support.
- Potential Website Compromise: The Fortinet listing may indicate a compromised website hosting a phishing landing page.
- Domain Reputation Matters: Domain reputation is built over time and impacts deliverability; monitor and maintain a positive reputation.
- Sender Reputation Affects Links: Poor sender reputation can cause links within emails to be flagged; improve sender reputation.
- Blacklisting Reasons: Blacklisting can result from spamming, malware hosting, or website compromise; identify the cause and remediate.
Key considerations
- Monitor Reputation: Regularly monitor your domain and sender reputation using online tools.
- Check for Compromise: Thoroughly check your website for any signs of compromise, such as phishing pages.
- Improve Sender Reputation: Improve sender reputation through proper email authentication (SPF, DKIM, DMARC) and sending wanted mail.
- Remediate Blacklisting: Identify the cause of blacklisting and take steps to remediate issues before requesting delisting.
- Contact LinkedIn Support: Contact LinkedIn support for clarification regarding malware warnings and potential TOS violations.
- Review WHOIS Information: While public WHOIS isn't critical, ensure your domain information is accurate.
Expert view
Expert from Word to the Wise shares that a sender's reputation impacts the deliverability of links and that a poor sender reputation could lead to links within the email being flagged. She recommends working on improving sender reputation, which includes proper email authentication and sending wanted mail.
4 Feb 2025 - Word to the Wise
Expert view
Expert from Word to the Wise explains that a domain's reputation is built over time and that blacklisting can occur due to various factors including spam complaints, malware distribution, and phishing activity. He advises to regularly monitor your domain's reputation using various tools to identify any issues early on.
15 Jan 2022 - Word to the Wise
What the documentation says
4 technical articles
Your website link might be flagged as malware on LinkedIn and listed by Spamhaus and Fortinet because these services have identified the domain as associated with malicious activities. Spamhaus DBL lists domains found in spam or used for malware/phishing. Fortinet categorizes sites based on content and flags those with detected malware or phishing activity. Google Search Central flags sites infected with malware or used for phishing, and VirusTotal aggregates results from multiple sources to provide a comprehensive overview of a URL's potential threats.
Key findings
- Spamhaus DBL Listing: Spamhaus lists domains found in spam or used for malicious purposes, including spamvertised websites, malware distribution, and phishing.
- Fortinet Categorization: Fortinet flags websites as 'malware' or 'phishing' based on detected malicious activity or content.
- Google Search Central Flags: Google flags websites in search results if infected with malware, used for phishing, or engaging in harmful activities.
- VirusTotal Threat Assessment: VirusTotal aggregates results from multiple sources to assess a URL's potential threats; positive results indicate a higher likelihood of malicious activity.
Key considerations
- Check for Malware: Thoroughly scan your website for malware and malicious content.
- Review Google Search Console: Check Google Search Console for security issues and request a review after cleaning the website.
- Assess VirusTotal Results: Use VirusTotal to get a comprehensive overview of potential threats associated with your URL.
- Remediate Issues: Identify and remediate any issues leading to blacklisting by Spamhaus and Fortinet.
Technical article
Documentation from Fortinet clarifies that Fortinet's web filtering categorizes websites based on content, and a 'malware' or 'phishing' categorization indicates that Fortinet has detected malicious activity or content associated with the website.
14 Nov 2024 - Fortinet
Technical article
Documentation from VirusTotal explains that their URL scanner aggregates results from multiple antivirus engines and website reputation services, providing a comprehensive overview of a URL's potential threats. A positive result from multiple sources indicates a higher likelihood of malicious activity.
1 Oct 2022 - VirusTotal
Besides Spamhaus, what blocklists are important for email marketers to monitor?
How can I get delisted from Spamhaus?
How can I get help with a Spamhaus listing delisting?
How can I report fraudulent emails and domains to Spamhaus and other relevant organizations?
How do I check Spamhaus for my IP address and understand the listings?
How do I deal with a SORBS listing affecting email deliverability?
