This is why well-regarded justice systems don't disclose anything about why they arrested someone and are jailing them indefinitely. It'd give criminals too much of an edge otherwise, and would surely be unworkable and lead to violent anarchy in short order.

Your tounge-in-cheek argument is focused on the wrong point.

Microsoft has no idea that you own the domain when you contact them, you are just a concerned party reaching out to them.. you could be the site owner, you could be the criminal that planted the payload.

Until it gets to the point where it is determined that you are the owner, they are correct to not give out sensitive information to random people that decide to e-mail them.

Surely you don’t consider the US to have a well regarded justice system do you?

This is irrelevant to my post. Would removing all transparency from it help, or make it worse? Are there better-regarded ones that don't reveal anything whatsoever to the accused and convicted, because that'd make it so hard to stop criminals that everything would fall apart?

[EDIT] My point is simply that somehow we manage in basically every other space to let those accused of wrongdoing know what we think they did that looked like wrongdoing, but somehow when it's an Internet giant calling the shots that's just impossible and waaaaah too hard and the sky would fall if they ever treated anyone with any amount of humanity and respect. I think it's grade-A bullshit and they've just figured out they can get away with being assholes at scale and no-one will make them stop.

There is no indication that the original poster did any type of security review to make sure that the block was justified. Let’s start there.

It’s not just the internet. No company disclosed their fraud detection techniques.

MS isn't even giving them an idea of what sort of thing they think is going on. Completely ghosting someone is way beyond not disclosing fraud detection techniques.

"We're using our enormous market power to wreck your company and won't even tell you roughly the kind of thing we think is wrong" is so unacceptable it ought to draw an application of some kind of corporate death-penalty, if it's a pattern of behavior and not just a rare accident that goes against official policy. Certainly it's, all on its own, a strong argument that there shouldn't be companies this powerful in the first place.

The OP sounds like somebody that would do a non-through, not very competent review, and not find anything.

But it doesn't matter. MS is the one telling to the entire world that his software is not reliable. They don't get to tell it all over the world without bringing some evidence.

Yeah, I don't buy this one. "Your site is participating in a phishing campaign, here is an example: $URL" doesn't tell a malicious party anything they didn't already know from the original MS warning.

In fact, I'll go further. MS owns we an explanation why they are warning on any random site. Not only the site's owner.

No it doesn't. It simply tells that the detection system _has_ worked.

Imagine that MS replies "we detected malware spreading from your site" without any other details. What is OP supposed to do then? Won't they be just as frustrated, if not more, than before?

Just "we detected malware spreading from your site" would sure narrow things down a lot. Time to inspect the web server access logs, 'diff' the site contents with a month-old backup, etc.

They should be doing exactly that anyway.

Just as all Americans should be driving at no more than the speed limit...

There is a 0% chance that a site could be spreading malware and there's not a single thing MS could point to to help out the owners find it that wouldn't leak Super Secret Advanced Mega-Genius Malware Detection Methods.

They just don't want to because that costs more money than being a huge piece of shit does.

If they tell you the steps you have to take to get off the shit list then its not hard to reverse engineer how to avoid being on the shit list.

Yes, that's how it should work.