Do you suspect a file or email is harmful? Or that a file or URL was rated incorrectly by an F-Secure product?
Submit files and URLs to F-Secure Labs' Sample Analysis System (SAS) for automated analysis.
You can submit files anonymously, or if you want to get feedback and scan results for samples, you will need to sign up for an SAS account.
F-Secure welcomes collaboration with researchers interested in responsibly disclosing vulnerabilities in any F-Secure products or services. Issues reported to us undergo thorough investigation on a case-by-case basis.
Researchers currently have two options when reporting vulnerabilities:
All ProductsAny F-Secure product or service
Vulnerability Reward Program
Specially for younited
Report a vulnerability (with a summary of its exploitation and impact, including details of any configurations, circumstances and code needed) via email to:
- We very strongly recommend encrypting the email using our GnuPG key ( available on key servers, key fingerprint 098A 308E 6F15 E2CE 84A2 CB91 3BE6 8DBF 5902 6649) and attaching your own public key in the mail.
Email messages that have been incorrectly rated by F-Secure products can be submitted for analysis and recategorization via the email addresses below:
Unwanted email incorrectly rated as wanted
Wanted emails incorrectly rated as unwanted
Fake emails that lead user to malicious sites
How To Submit
- Do not manipulate or edit the message(s) being submitted in any way.
- Compress the email message(s) in a ZIP file (and don't include any unrelated files).
- Name the ZIP file samples.zip
- Submit the samples.zip file from a valid, live e-mail address. In rare cases, we may need to reply to you if we have questions.
- Write any comments in English only. Messages in other languages may be delayed or even discarded entirely. For assistance, Google Translate provides translation support for more than 30 languages.
- If you use Outlook and another e-mail client in parallel, it's probably best to use the alternate client to extract messages for submission.
- We assume no responsibility for any confidential information you may send us. If you send a message to us using this channel, our only guarantee is that it will not be released outside of our organization.