>> My best guess is that the customer actually downloaded that file. Their browser (Chrome, I assume) identified it was malicious and reported it to Google. Which has all sorts of privacy implications in itself.<p>Why would Google assume something is malicious without verifying? I can report to google that facebook.com is serving malicious content, will google block facebook just because I report? In your case, I assume only a handful of people would have reported to google. If google simply react to only someone reporting then it is issue from the Google side