I've gotten a couple messages on my Webmaster Tools console that two of my own sites are being used for a phishing scam. The scammers are using the url for my sites, then attaching the address to their phishing page. Google says they've removed the url from the search engine and put up an alert to anyone who goes to the offending link. Still, they advise I look into it and contact my webhost; I've sent the webhost a ticket about it, still haven't heard back.
Does anyone have experience with this? If so, do you know what to do about it? How is someone even able to use my sites' domains for their phishing pages? Does it mean my sites were compromised?
Basically, my sites are alright if you go to them. Nothing appears wrong. Just those particular links that are phishy are connected to them.
Is it enough that Google has taken them off the search engine? Or is there still a problem? Will my sites get blacklisted?
Wish I could help but I have no experience of phishing problems. I reckon google webmaster forums are the best place to ask for help:
https://productforums.google.com/forum/ … ing$20scam
I've had this done to my sites years ago.
After a short investigation, I realized that one of my sites was hacked and that from this entry door, they invaded my hosting account.
Because I didn't want to lose my time, I asked my webhost to nuke my entire account - I had weekly backups - and rebuilt all sites from zero using the backups I kept on my computer. But you can download all your sites and all their files on your computer through your FTP software and check and see which file doesn't belong to your sites. Delete them - if you wish to open them, do so only using NotePad or NotePad++. Then delete all files on your hosting account and re-upload those you cleaned up.
Hackers could find a way to penetrate my Joomla site. This is the one site I got rid of and never had a problem since then.
Also Google works very fast on such problems so as soon as your hosting account will be cleaned up, they'll remove their warning and will re-include your sites in their index.
Otherwise you can get a lot of help from expert sites. There is one that is devoted to such troubles but, I'm sorry, I don't remember its name
Note that keeping your database, scripts, plugins updated - WP requires constant security updates - is a way to ensure their safety.
Hope you'll find a solution very quickly. Fingers crossed
Thanks for the info. I'm either going to have to take some time to really figure this out or find some help. Hoping my webhost will be able to figure it out. The thing that gets me is that the only problem so far is that one link that goes to the phishing page. Nothing wrong other than that. My sites are fine, seemingly. Google already removed the link from the search engine and put a warning up for anyone that tries it wherever they might happen to find it.
I would assume my sites were actually hacked in some way, because I don't know how else they could use the domain name address in their links.
It can be no other thing than that one link was added to one of your files. Or more simply a script added to your directory. In my case it was a script in one of my directories but I wanted to opt for 100% safety and asked my host to nuke my account. I re-uploaded all sites but the Joomla as it was in that directory that I found the script and through one of the many safety failures of Joomla that the hackers could penetrate.
But do as you see fit, it's better to ask for help than touching files and ruin your hard work
By the way if you use WordPress, I recommend the WordFence plugin.
I set one of the most secure features (failed login attempts) to just 1. So after one, the hacker is blocked. Not the best for me if I type the wrong data while I try to login but at least my site is safe... Well we never ensure safety to 100% but 99% can't hurt.
Thanks, I'm definitely going to check out that plugin.
My webhost got rid of the user that was using my site. Can't remember the exact wording but it was something along the lines of addressing the user that used the "mod_userdir" feature in Apache.
by Dorsi Diaz7 years ago
I want to set up a couple websites, and am wondering the best and easiest way to set them up would be- I've got one that I set up through Yahoo, but I haven't really done anything with it.Any suggestions from my fellow...
by Pacal Votan7 years ago
Google admits the accounts of hundreds of gmail users have been hacked. The same is true for hotmail account.If you have gmail or hotmail it is advisable for you to change your login information.
by sunforged6 years ago
ANybody using a host that offers more than 25 mSQL databases for under 10/month or 100/year?
by Laurel Rogers4 years ago
I just received this in my email and am not certain what's going on:_______________________________________________________________________________"Hi, lorlie6Twitter believes that your account may have been...
by Pete Maida7 years ago
I have read several comments in the forums about the problem that our ladies have with the word pimp and the way it is used here at HubPages. Today I see it in big colorful ads. I think that it wouldn't be...
by Faith Reaper19 months ago
I guess these sites of misrepresentation will just go on forever ... Tonight I just typed on Google, "Faith Reaper on Hubpages" and as I scrolled down, I found many sites that state just that, but have nothing...
Copyright © 2016 HubPages Inc. and respective owners.
Other product and company names shown may be trademarks of their respective owners.
HubPages® is a registered Service Mark of HubPages, Inc.
HubPages and Hubbers (authors) may earn revenue on this page based on affiliate relationships and advertisements with partners including Amazon, Google, and others.