What to Do When You See a Security Warning

← Back to Blog

While browsing the internet, you suddenly see a red page with a large warning triangle and the title "Security Warning". The page tells you that the website you were trying to visit has been flagged as potentially dangerous. This is the UnveilPass Phishing & Malware Protection in action. Here is what it means and what you should do.

⚠ Security Warning

suspicious-site.com

This website has been flagged as potentially dangerous.

Go Back to Safety I understand the risk

Why Am I Seeing This Warning?

The UnveilPass browser extension checks every website you visit against multiple blocklists of known phishing sites, malware distribution points and scam domains. When a match is found, the extension blocks the page before it loads and shows you the Security Warning screen instead.

A website can be flagged for several reasons:

Phishing — The site impersonates a legitimate service (your bank, an online store, a social network) to steal your login credentials or personal information
Malware distribution — The site is known to host or distribute malicious software that could infect your computer
Scam — The site is associated with fraud, fake shops, or deceptive schemes designed to steal your money or data

Step 1: Do Not Proceed to the Website

The safest action is always to click "Go Back to Safety". This closes the tab and prevents any contact with the dangerous website. If you were not intentionally trying to visit this site, this is all you need to do.

Phishing and malware sites are designed to look convincing. They often mimic the exact design of legitimate websites — the same logo, the same colors, the same layout. The only difference is the URL. Do not trust appearances.

Step 2: Check the URL Carefully

If you believe you were trying to visit a legitimate website, take a moment to examine the domain name shown in the warning. Phishing sites use domain names that look similar to real ones but with subtle differences:

paypa1.com instead of paypal.com (number 1 instead of letter l)
amaz0n-login.com instead of amazon.com (zero instead of o, extra words)
secure-banking.mybank.fake-domain.com — the real domain is fake-domain.com, not mybank
microsoft.com.login-verify.net — the real domain is login-verify.net, not microsoft.com

How to identify the real domain: Look at the last two parts before the first / in the URL. In https://login.secure.paypal.com/auth, the real domain is paypal.com. In https://paypal.com.evil-site.net/auth, the real domain is evil-site.net.

Step 3: Consider How You Got There

Think about what led you to this website. This is often the most revealing clue:

Email link — Did you click a link in an email? Phishing emails are the #1 delivery method. Even if the email looks official, the link may point to a fake site
Text message or chat — SMS phishing ("smishing") is increasingly common. Banks and legitimate services rarely send links by text
Search engine result — Attackers sometimes buy ads that appear above legitimate search results, leading to fake versions of popular sites
Redirect — You may have been silently redirected from another site. This happens on compromised websites or through malicious ads
Typo — You may have mistyped the URL. Attackers register domains similar to popular sites (typosquatting) to catch these mistakes

If the link came from an email or message you did not expect, it is almost certainly a phishing attempt. Do not proceed. Instead, navigate to the legitimate website directly by typing the URL you know in your browser's address bar.

Step 4: Navigate to the Real Website Directly

If you need to access the service that the blocked site was impersonating, always type the official URL directly in your browser's address bar. Do not use the link that brought you to the blocked page.

For your bank: type your bank's URL directly (e.g. www.mybank.com)
For online shopping: go to the store's official website (e.g. www.amazon.com)
For social media: type the platform's URL directly (e.g. www.facebook.com)

If you have the legitimate site saved in your UnveilPass vault, use the extension to navigate there — it will take you to the correct URL every time.

What About "I Understand the Risk"?

The Security Warning page includes a second button: "I understand the risk". This button allows you to bypass the warning and proceed to the website anyway. It exists for rare cases where you are absolutely certain the website is safe (for example, a newly registered domain for your own project that has not been removed from blocklists yet).

Do not click "I understand the risk" unless you are 100% certain the website is legitimate. If you have any doubt at all, go back to safety. No legitimate website will require you to bypass a security warning to access it. The risk is real: entering your credentials on a phishing site gives attackers immediate access to your account.

If you bypass the warning:

The domain is temporarily marked as safe for your current browser session only
The bypass is logged in your Statistics page (Phishing & Malware Protection section)
The next time you restart your browser, the domain will be blocked again
Do not enter any credentials or personal information on a bypassed site unless you are absolutely sure it is legitimate

How to Report a False Positive

If you believe a legitimate website was incorrectly blocked, you can report it to us. False positives can happen when a newly registered domain appears on a blocklist by mistake, or when a previously compromised domain has been cleaned up but not yet removed from all blocklists.

Contact us at support@unveiltech.com with the domain name and we will review it. We update our blocklists regularly and can add exceptions for confirmed legitimate domains.

How to Check Your Protection Statistics

Every blocked and bypassed domain is recorded in your UnveilPass console. Go to the Statistics page and scroll down to the Phishing & Malware Protection section. You will see a table of all domains that were blocked, how many times each was detected, and when they were last seen.

Review your stats periodically. If you see the same domain blocked repeatedly, it may indicate that a phishing link keeps being sent to you (perhaps through a compromised contact) or that a website you visit regularly is redirecting to a malicious domain.

How to Enable or Disable the Protection

Phishing & Malware Protection is enabled by default for Pro users. You can toggle it in the extension popup under the Settings tab. We strongly recommend keeping it enabled at all times — it adds an essential layer of security with zero impact on browsing speed.

Stay Protected with UnveilPass

Phishing and malware protection is included in UnveilPass Pro. Block dangerous websites automatically while you browse.

Get Started Free

The Bottom Line

When you see a Security Warning, the right reflex is simple: go back to safety. Check the URL, think about how you got there, and navigate to the real website directly. Never enter your credentials on a site that triggered a warning. The few seconds it takes to verify a URL can save you from losing access to your accounts, your money, or your personal data.