Report Code Signing Misuse from VeriSign, Inc.

Report Code Signing Misuse

If you have encountered software signed by a VeriSign code signing certificate that you believe is being used for malicious or harmful purposes, please report it to VeriSign using this form.

Examples of misuses of a VeriSign code signing certificate include but are not limited to:

  • the code acts as "spyware"
  • the code is included as part of a "phishing" scheme
  • misleading descriptions in the code
  • the code is used for "man-in-the-middle" attacks

VeriSign code signing certificates are used by software publishers to assure their customers that software they distribute has not been altered or damaged after it is signed. When you accept software signed by a VeriSign code signing certificate, you have the assurance that VeriSign has authenticated the identity of the publisher of that software. However, VeriSign does not perform any review of that software and makes no representations or warranties concerning the quality of that software.

Before VeriSign issues a code signing certificate, the software publisher must agree not to distribute malicious or harmful software of any kind. If VeriSign confirms that a software publisher is distributing malicious or harmful software, VeriSign reserves the right to immediately revoke any code signing or other certificate(s) it may have issued to such publisher.

Please fill out the following form and include as much information as possible.

*Denotes required field.

Date
Address of Web site distributing the malicious or harmful software (if known)
* Name or title of malicious or harmful software
Please include the name or title of the software as well as any verbiage that you see in any browser dialog boxes you may have encountered.
* Description of the malicious or harmful behavior of the software
*First Name
*Last Name
*Your E-Mail Address
*Your Telephone (e.g. "+00 000 000 0000")
We may request further information from you as part of our investigation.