Commit 690b7fea authored by flo's avatar flo

Merge branch 'master' into 'multilanguage'

# Conflicts:
#   _data/sidebars/mydoc_sidebar.yml
#   pages/mydoc/article_template.md
#   pages/mydoc/email_template.md
parents 3af632d3 ca49b672
......@@ -172,6 +172,38 @@ What follows is a step-by-step guide to download a synchronized clone of your fo
Thank you for contributing to Access Now Digital Security Helpline Community documentation!
### Creating New Articles or Templates
#### 0. Before Writing
A couple of steps are required before you even start writing:
- Make sure that you have a clear idea of the technical solutions required to solve the case type described in the article, and discuss them with your team and, if necessary, with your community. Also make sure that this documentation doesn't already exist.
- Make sure that the case can be generalized to a broader type of issues.
#### 1. Drafting an Article for RT
Draft the article in markdown in a new branch.
- When writing an article, use this [template](https://gitlab.com/AccessNowHelpline/community-documentation/blob/master/pages/mydoc/article_template.md).
- When writing a message template use this [template](https://gitlab.com/AccessNowHelpline/community-documentation/blob/master/pages/mydoc/email_template.md).
*Both these templates include a series of meta tags in the front
matter included between 3 hyphens at the top of the document. These meta tags
won't be visible in the final web page, but are important for the final website
deployment and for its layout, as well as for the continuous integration scripts.
They should be filled out as carefully as every other field in the templates. See ["YAML front matter"](#yaml) below for a description of each tag in the front matter.*
#### 2. Publication
1. Do a merge request so the administrators of this repository are notified about your proposed changes.
2. When the content has been reviewed, the administrators of this repository will merge your changes.
### Types of content
The content in this website is organized hierarchically, as outlined in the following list:
......@@ -186,6 +218,7 @@ If you plan to add a new FAQ or article to the repository, you can start by dupl
If you are adding an email template, you can base it on [this file](https://gitlab.com/AccessNowHelpline/community-documentation/blob/master/pages/mydoc/email_template.md).
<a name="yaml"></a>
### YAML front matter
......@@ -211,6 +244,8 @@ The YAML front matter (the keys and values included between `---` at the beginni
- conf: Public - **leave this unchanged**.
- ref: a unique identifier for each localized version of the same article. If you are creating a new article, this can be any identifier matching with the title, without spaces. If you are translating an existing article, the identifier needs to be identical to the one in the original version that you are translating.
- lang: add 2-letters code for the language used in the article.
......@@ -234,6 +269,8 @@ The YAML front matter (the keys and values included between `---` at the beginni
- conf: Public - **leave this unchanged**.
- ref: a unique identifier for each localized version of the same article. If you are creating a new article, this can be any identifier matching with the title, without spaces. If you are translating an existing article, the identifier needs to be identical to the one in the original version that you are translating.
- lang: add 2-letters code for the language used in the article.
......
---
title: Reporting a Domain Name in Out-of-Mandate Cases
keywords: fake domain, impersonation, cloning, escalations, domain provider, take-down request, out-of-mandate
last_updated: March 4, 2019
tags: [fake_domain_templates, templates]
summary: "This template is sent as guidance to clients who are reporting a domain name but are out of mandate"
sidebar: mydoc_sidebar
permalink: 217-Reporting_domain_out-of-mandate.html
folder: mydoc
conf: Public
lang: en
---
# Reporting a Domain Name in Out-of-Mandate Cases
## This template is sent as guidance to clients who are reporting a domain name but are out of mandate
### Body
Hi XXXXX,
I hope this email finds you well.
I'm very sorry to hear about your incident. Access Now Helpline team helps civil society members and non-profit organizations in digital security concerns and incidents and unfortunately we cannot assist requests that are not coming from the civil society, so we can only offer instructions for you to take action to deactivate the fake domain.
The management of a domain is handled by the relevant registrar. You can directly report your claim to the registrar and they could investigate the incident further and take appropriate action.
You can get the registrar information of any website by doing a search on this website: https://who.is/
This site will look up all the relevant information for a domain name, including the contacts to reach out to in this situation.
In this case, the following information is provided for the domain "$Domain name":
- Registrar: XXXXXXXX
- Registrant Contact Information: Name: XXXXXXXX
- Email: XXXXXXXX
I would suggest that you report this incident through the registrar by sending an email to: [email protected]
Depending on what country you are based in, there might be Computer
Emergency Response Team (CERT) able to assist. Please see below a
list of national CERTs and their contact details:
https://www.cert.org/incident-management/national-csirts/national-csirts.cfm
You can also try and report the abusing domain on Google Safe Browsing, through this form: https://safebrowsing.google.com/safebrowsing/report_general/
I hope you find this information useful. In case you have any
question please let us know.
Kind Regards,
[IH's Name]
* * *
### Related Articles
[Article #34: Handling Fake Domains in Out-of-Mandate Cases](34-Handling_Fake_Domains_Out-of-Mandate.html)
......@@ -21,7 +21,7 @@ lang: en
Hi [CLIENT_NAME],
We appreciate your trust in our Helpline service. We hope this message finds you well.
In order to protect our users and extend our trust network, we need to know more about you and ascertain who you are by referencing you through one of Access' Now partners.
In order to protect our users and extend our trust network, we need to know more about you and ascertain who you are by referencing you through one of Access Now's partners.
We will reach out in a secure way and share your name and email to authenticate your identity and verify that you are indeed a member of civil society. Any other information, including the reason you contacted our Helpline, will remain strictly confidential.
......
---
title: Handling of Fake Domains with Commercial Involvement
title: Handling Fake Domains in Out-of-Mandate Cases
keywords: fake domain, out of mandate, commercial
last_updated: November 8, 2018
last_updated: March 4, 2019
tags: [fake_domain_mitigation, articles]
summary: "A fake domain with commercial involvement has been reported. After the vetting process, we have found out the client is not part of civil society but is a commercial entity."
summary: "A fake domain has been reported, but after the vetting process, we have found out the client is not part of civil society but is a commercial entity or out of mandate for other reasons."
sidebar: mydoc_sidebar
permalink: 34-Handling_Fake_Domains_Commercial.html
permalink: 34-Handling_Fake_Domains_Out-of-Mandate.html
folder: mydoc
conf: Public
lang: en
---
# Handling of Fake Domains with Commercial Involvement
## What to do if a fake domain with commercial involvement is reported
# Handling Fake Domains in Out-of-Mandate Cases
## What to do if a fake domain is reported by a client out of mandate
### Problem
Access Now Helpline, as a responsible CERT, is willing to responsibly report fake domain cases with commercial involvement. However, commercial entities are not under Access Now's mandate, and therefore the amount of resources to handle this type of cases should be as limited as possible.
Access Now Helpline, as a responsible CERT, is willing to responsibly report fake domain cases with commercial involvement. However, commercial entities and other types of requestors are not under Access Now's mandate, and therefore the amount of resources to handle this type of cases should be as limited as possible.
* * *
......@@ -25,6 +25,10 @@ Access Now Helpline, as a responsible CERT, is willing to responsibly report fak
### Solution
- Send the requestor an email with instructions on how to report the domain based on the template in [Article #217: Reporting a Domain Name in Out-of-Mandate Cases](217-Reporting_domain_out-of-mandate.html).
#### Optional steps:
- If the domain is a country-code top level domain, contact the local CERT.
- If the domain is a generic top level domain, contact the local CERT of the country where the commercial entity is registered.
......@@ -39,8 +43,12 @@ A list of CERTs per country can be found [here](http://first.org/members/map).
### Comments
For cases of fake domains within mandate, please see [Article #342: Handling of Fake Domains](342-Handling_Fake_Domains.html)
* * *
### Related Articles
- [Article #217: Reporting a Domain Name in Out-of-Mandate Cases](217-Reporting_domain_out-of-mandate.html)
- [Article #342: Handling of Fake Domains](342-Handling_Fake_Domains.html)
......@@ -8,6 +8,7 @@ sidebar: mydoc_sidebar
permalink: 341-Feedback_Survey.html
folder: mydoc
conf: Public
ref: feedback-survey
lang: en
---
......
---
title: Fake Domain - Report Impersonation/Cloning to Domain Provider
keywords: fake domain, impersonation, cloning, escalations, domain provider, take-down request, report template
last_updated: March 1, 2019
tags: [fake_domain_templates, templates]
summary: "Email template to report cases of domain impersonation and request take-down of the violating domain"
sidebar: mydoc_sidebar
permalink: 343-Report_Domain_Impersonation_Cloning.html
folder: mydoc
conf: Public
lang: en
---
# Fake Domain - Template to Report Impersonation/Cloning to Domain Provider
## Email template to report cases of domain impersonation and request them take down the violating domain
### Body
TO: [email protected]
SUBJECT: Impersonation Report
Dear XXXX,
My name is [IH’s name] from Access Now Digital Security Helpline. We are a free-of-charge resource for civil society around the world. I'm respectfully contacting you to ask for your assistance with a digital security issue that was recently reported to our Helpline.
A website with this URL: [Fake Website URL], which is hosted by [hosting/domain provider name], is impersonating this legitimate website: [Legitimate Website URL]
[Explanations of client's ownership/trademark registration and adversary's intent]
[Specific link/description of impersonated materials]
We are asking for your assistance in taking down the fake website:
* Fake website: URL
* Original website: URL
In advance, we appreciate your responsiveness, and gently request your immediate action to solve the above-mentioned situation.
Kind regards,
[IH’s name]
* * *
### Related Articles
[Article #342: Handling of Fake Domains](342-Handling_Fake_Domains.html)
......@@ -7,7 +7,7 @@ summary: "Symptom of the article, within quotes as here"
sidebar: mydoc_sidebar
permalink: title_of_article.html
folder: mydoc
conf: Confidential
conf: Public
ref: unique_identifier_among_translations
lang: en
---
......
......@@ -7,7 +7,7 @@ summary: "Summary of the template, within quotes as here"
sidebar: mydoc_sidebar
permalink: title_of_article.html
folder: mydoc
conf: Confidential
conf: Public
ref: unique_identifier_among_translations
lang: en
---
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment