Why Email Reports
Understanding why email-based reporting is essential for effective threat intelligence operations.
PhishDestroy relies on structured email reports as the primary method for submitting verified threat intelligence to registrars, hosting providers, and abuse teams. This page explains why.
Why Not Just Use Web Forms?
Most registrars and hosting providers offer web-based abuse forms. While convenient, these forms often lack standardization, impose character limits, strip formatting, and provide no reliable confirmation or tracking. Email, on the other hand, creates a permanent, timestamped, verifiable record of every report we send.
When a report is submitted via email, both the sender and recipient have an immutable copy. This is critical for accountability — if a provider claims they "never received" an abuse report, the email trail proves otherwise.
Evidence Integrity
Email allows us to attach full evidence packages including:
- Screenshots of active phishing pages with timestamps
- HTML source code and JavaScript payloads
- WHOIS records captured at the time of report
- Network traces — DNS, HTTP headers, SSL certificate details
- Blockchain evidence — wallet addresses linked to drainer operations
Web forms typically cannot handle this volume of structured evidence. Email allows us to deliver complete, forensically useful reports that abuse teams can act on immediately.
Automation at Scale
PhishDestroy processes hundreds of domains daily. Our automated pipeline generates structured abuse reports in a consistent format that abuse desks recognize. Email enables us to:
- Send reports to 50+ vendors simultaneously per campaign
- Use templated formats that registrars expect (RFC-compliant)
- Include machine-readable indicators (IOCs) for automated processing
- Maintain a full audit trail of every report sent
Legal and Compliance Value
Email reports serve a dual legal purpose:
- Proof of notice: Under ICANN's Registrar Accreditation Agreement, registrars must investigate credible abuse reports. Our emails constitute formal notice.
- Evidence preservation: If a registrar fails to act and victims suffer losses, our email records can be used to demonstrate the provider was notified and chose inaction.
- Law enforcement cooperation: When cases are escalated to the FBI, Europol, or national CERTs, our structured email reports provide a ready-made evidence package.
Transparency and Accountability
Every report we send is logged internally with a unique reference ID. When registrars or providers respond — or fail to respond — we track that too. This data powers our provider accountability metrics, showing which companies act swiftly on abuse and which ignore it.
Registrars and hosting providers that consistently ignore abuse reports are documented in our public accountability data. Email provides the irrefutable evidence needed to support these findings.
How to Report a Threat
If you've discovered a phishing site, scam domain, or malicious infrastructure, you can report it through:
- Telegram Bot: @PhishDestroy_bot — fastest method for initial reports
- Email: report@phishdestroy.io — for detailed evidence submissions
- API: api.destroy.tools — for automated/bulk submissions
All reports are processed through our automated pipeline and forwarded to relevant abuse teams via structured email reports.
Contact
Questions about our reporting methodology: contact@phishdestroy.io