Report Code Signing Misuse

If you have encountered software signed by a Thawte code signing certificate that you believe is being used for malicious or harmful purposes, please report it to Thawte using this form.

Examples of misuses of a Thawte code signing certificate include but are not limited to:

  • the code acts as "spyware"
  • the code is included as part of a "phishing" scheme
  • misleading descriptions in the code
  • the code is used for "man-in-the-middle" attacks

Thawte code signing certificates are used by software publishers to assure their customers that software they distribute has not been altered or damaged after it is signed. When you accept software signed by a Thawte code signing certificate, you have the assurance that Thawte has authenticated the identity of the publisher of that software. However, Thawte does not perform any review of that software and makes no representations or warranties concerning the quality of that software.

Before Thawte issues a code signing certificate, the software publisher must agree not to distribute malicious or harmful software of any kind. If Thawte confirms that a software publisher is distributing malicious or harmful software, Thawte reserves the right to immediately revoke any code signing or other certificate(s) it may have issued to such publisher.

Please fill out the following form and include as much information as possible.

* Denotes a required field

corporate office

The Gateway
Century Lane
Century City, 7441
Cape Town
South Africa

Postal Address:
P O Box 15986
Panorama 7500
Cape Town
South Africa

Call: +353 1 793 9141
Fax: +27 21 819 2950