Takedown Services

flare provides external threat takedown services designed to reduce the risks posed by threats such as malicious domains, code repository leaks, social media impersonation, and more service availability takedown services are offered as a paid feature certain flare subscription packages include a set number of annual takedown requests additional individual takedowns or takedown packages can also be purchased separately for more information around pricing, please reach out to your customer success manager (csm) types of takedown requests flare can facilitate takedown requests for threats across the following categories domains websites phishing emails source code cloud storage paste sites apk/ third party app stores social media phone numbers flare proactively monitors external threats by correlating customer identifiers with data from domain registrations, websites, code repositories (e g , github), cloud storage platforms, paste sites, and mobile app stores reasons to initiate a takedown request 1\ malicious content or terms of service violations most platforms, including domain registrars, web hosting providers, github, cloud storage services, and app stores, prohibit malicious activities, privacy violations, or abuse as part of their terms of service a takedown request may be submitted if a threat clearly violates these policies examples a threat actor registers a look alike domain to conduct phishing attacks a takedown request can be submitted to the domain registrar a fraudulent linkedin account engages in fake recruitment scams a takedown request can be sent to linkedin to remove the fraudulent profile 2\ copyright & trademark infringement most platforms enforce policies related to copyright and trademark infringement, commonly guided by the principles of the digital millennium copyright act (dmca), even internationally takedown requests can be submitted when unauthorized use of copyrighted materials, brand trademarks, or proprietary content is identified it is essential to consider "fair use" exceptions, including news reporting, product reviews, parody, comparative advertising, and compatibility claims examples a travel booking site illegally uses an airline’s logo for unauthorized promotions a takedown request can be sent to the web hosting provider unauthorized advertisements on google or meta platforms promote potentially counterfeit athletic products the brand can submit a takedown request citing trademark infringement and brand harm letter of authorization (loa) for copyright and trademark related takedowns, customers must submit a letter of authorization (loa), permitting flare and its partners to act on their behalf social media platforms, app stores, and other platforms typically require this document to confirm the legitimacy of requests though technically not required for other types of takedowns, it is recommended that all flare customers who have purchased takedown service complete an loa the loa should include original urls protected by flare company registration number and jurisdiction registration numbers and jurisdictions for trademarks and copyrights information on related brands (if applicable) a template loa form is available upon request contact your customer success manager for more information how to submit a takedown request within the flare app navigate to the event card related to the threat (domain, source code leak, paste site, cloud storage bucket) click "request takedown" to be directed to flare’s customer support portal, where you can complete the required form alternatively, you can request a takedown within the “help” tab and the “takedown” button via flare customer support portal directly access the customer support portal at https //support flare io https //support flare io/ (accessible via sso from the flare app) this submission workflow is particularly useful for threats discovered outside of flare upon submission, you will receive an email from support\@flare io with a link to track your request further status updates, including resolution notifications, will be communicated via email you can track all of your open takedown requests within the support center to ensure efficient and accurate processing of takedown requests, flare customers are asked to submit one item per zendesk support ticket when requesting a takedown each ticket should include a single malicious indicator—such as a suspected domain, social media profile or post, fraudulent app, malicious browser extension, email address, or phone number—that is associated with impersonation or malicious activity for a full walkthrough of the process, you can check out a short demo below requirements for specific takedown requests domain takedowns required enter the domain you suspect to be malicious or hosted on a website builder platform provide evidence a brief summary of what you have experienced with the domain and any screenshots to corroborate the claim social/messaging applications required enter the social platform url (ex https //www instagram com/example ) that is suspected of being malicious provide evidence a brief summary of what you have experienced with the profile or related postings for social attacks, we require additional evidence please specify the original account if any present some platform policies make takedown success rates much lower if no original account is registered on their platform apps third party apps fraudulent applications on the google play store or ios app store required enter the store link of the fraudulent application from the google play store app or the ios app store (ex https //play google com/store/apps/details?id=com company app ) provide evidence a brief summary of what you have experienced with the profile or related postings upload documents any screenshots or other forms of evidence regarding this threat browser extension required enter link (extension url) of the malicious browser extension provide evidence a brief summary of what you have experienced with the profile or related postings upload documents any screenshots or other forms of evidence regarding this threat email required enter email address that you want to report (ex example\@domain com ) provide evidence a brief summary of what you have experienced with the profile or related postings for email attacks we require additional evidence to process email takedowns, the original email headers must be included please attach the email as a eml file to ensure all header information is preserved phone required enter phone number used in the attack including country code provide evidence a brief summary of what you have experienced with the profile or related postings for phone attacks, we require additional evidence 1 receiving phone number 2 scammer phone number 3 date and time of call (with timezone) 4 short description of what was said attacks via messenger accounts should be reported as social incident types evidence in these cases are screenshots of impersonating/infringing messages whatsapp can be submitted wa me/xxxxxxxxx facebook messenger m me/xxxxxxxxx telegram t me/xxxxxxxx ipv4 required enter the malicious ip address that you want to report (0 0 0 0) provide evidence a brief summary of what you have experienced with the profile or related postings erroneous takedown requests certain scenarios do not qualify for takedown requests because they lack clear evidence of malicious intent, trademark infringement, or violation of terms of service submitting such requests is unlikely to result in successful action examples include empty or unused websites websites or domains without content or clear malicious intent, even if registered similarly to your brand name (typosquatting), typically do not warrant takedown actions parked domains domains parked for future use or sale, even if they contain typosquatting, generally do not qualify unless actively used for fraudulent activities or trademark infringement note certain registrars may voluntarily disable parked domains upon request if the typosquatting is clearly targeted and non generic tutorial or informational websites sites providing educational content, tutorials, or guides—even if monetized through advertisements—are considered legitimate online activities as long as they clearly state they are unaffiliated with your brand social media criticism requesting takedowns for social media posts or accounts that criticize or negatively comment on your brand, but do not violate platform terms of service or intellectual property rights, will usually be unsuccessful fake news articles defamation claims typically require a court order, and even when backed by strong evidence, such as publicly available and trustworthy sources that clearly contradict the claims made in the article, the chances of success remain low hosting platforms and authorities rely on principles like free speech, fair use, and the presumption of innocence reports of fake news are therefore generally rejected by registrars