My account was working fine for many months now until today I suddenly receive a message that it has been suspended because of a suspicious file found there. I have already written to the admins to review the case and opened a ticket.
I would like to request the admins that it is a very frustrating policy to immediately suspend accounts when they suspect that a suspicious file has been found. As a user, I have to go through the hassle of contacting the admins and wait until they review everything before they can activate my site again.
A much better alternative would be to simply delete any such suspicious files automatically without suspending the account. The user can then contact the admin and discuss about the file, if it is suspicious or not, but at least the account remains active.
Right now my account is suspended so I cannot even log in to the file manager and delete any such files which the admins think is suspicious.
Please admins, try to look into this and keep account suspension as a last resort and not as the first resort.
I understand having your account suspended if you don’t think you did anything wrong is infuriating. And I wish there were another, more user friendly way to deal with this. However, there are practical issues which truly make this the lesser evil.
The “suspicious files” suspensions are caused because one of your files was 1) found on many accounts which were also marked as malicious or 2) our anti-abuse AI thought the file was malicious. This can result in two options: the file is malicious or the file is not malicious.
If the file is not malicious, we don’t want to delete it because it could break a legitimate website which to a less technically skilled user would be very complicated to repair. Also, if the file is gone, we can’t use it to train the abuse detector that the file is not malicious.
If the file is malicious, it would risk not taking down the site effectively. And if the malicious file is part of a phishing script, not taking it down effectively would be terrible. And again, if the file is gone, we can’t train our abuse detector with it.
Experience has also shown that warning people beforehand, while effective on paper, really harms the abuse handling process. A few examples of common scenarios:
- The user is an phisher and uses the early warning to harvest stolen credentials and delete evidence.
- The user has already abandoned the account and doesn’t care what happens to it, so doesn’t bother to respond.
- The user doesn’t see the notification or chooses to ignore it, and won’t do anything unless the account is taken down.
We are doing our best perfect the abuse detection system and in the future we may be able to determine what kind of abuse we think is happening and react accordingly, but until then we have to go for the “better safe than sorry” approach.
Finally, note that we aren’t the only service out there with this kind of policy. All older free hosters I know have a shoot first, ask questions later policy.
And personal experience has shown that even services you pay for take this approach. I have been banned from companies simply because I have domain names which have been used for abuse (despite their services never having touched any abusive content).