I've gotten a couple messages on my Webmaster Tools console that two of my own sites are being used for a phishing scam. The scammers are using the url for my sites, then attaching the address to their phishing page. Google says they've removed the url from the search engine and put up an alert to anyone who goes to the offending link. Still, they advise I look into it and contact my webhost; I've sent the webhost a ticket about it, still haven't heard back.
Does anyone have experience with this? If so, do you know what to do about it? How is someone even able to use my sites' domains for their phishing pages? Does it mean my sites were compromised?
Basically, my sites are alright if you go to them. Nothing appears wrong. Just those particular links that are phishy are connected to them.
Is it enough that Google has taken them off the search engine? Or is there still a problem? Will my sites get blacklisted?
Wish I could help but I have no experience of phishing problems. I reckon google webmaster forums are the best place to ask for help:
https://productforums.google.com/forum/ … ing$20scam
I've had this done to my sites years ago.
After a short investigation, I realized that one of my sites was hacked and that from this entry door, they invaded my hosting account.
Because I didn't want to lose my time, I asked my webhost to nuke my entire account - I had weekly backups - and rebuilt all sites from zero using the backups I kept on my computer. But you can download all your sites and all their files on your computer through your FTP software and check and see which file doesn't belong to your sites. Delete them - if you wish to open them, do so only using NotePad or NotePad++. Then delete all files on your hosting account and re-upload those you cleaned up.
Hackers could find a way to penetrate my Joomla site. This is the one site I got rid of and never had a problem since then.
Also Google works very fast on such problems so as soon as your hosting account will be cleaned up, they'll remove their warning and will re-include your sites in their index.
Otherwise you can get a lot of help from expert sites. There is one that is devoted to such troubles but, I'm sorry, I don't remember its name
Note that keeping your database, scripts, plugins updated - WP requires constant security updates - is a way to ensure their safety.
Hope you'll find a solution very quickly. Fingers crossed
Thanks for the info. I'm either going to have to take some time to really figure this out or find some help. Hoping my webhost will be able to figure it out. The thing that gets me is that the only problem so far is that one link that goes to the phishing page. Nothing wrong other than that. My sites are fine, seemingly. Google already removed the link from the search engine and put a warning up for anyone that tries it wherever they might happen to find it.
I would assume my sites were actually hacked in some way, because I don't know how else they could use the domain name address in their links.
It can be no other thing than that one link was added to one of your files. Or more simply a script added to your directory. In my case it was a script in one of my directories but I wanted to opt for 100% safety and asked my host to nuke my account. I re-uploaded all sites but the Joomla as it was in that directory that I found the script and through one of the many safety failures of Joomla that the hackers could penetrate.
But do as you see fit, it's better to ask for help than touching files and ruin your hard work
By the way if you use WordPress, I recommend the WordFence plugin.
I set one of the most secure features (failed login attempts) to just 1. So after one, the hacker is blocked. Not the best for me if I type the wrong data while I try to login but at least my site is safe... Well we never ensure safety to 100% but 99% can't hurt.
Thanks, I'm definitely going to check out that plugin.
My webhost got rid of the user that was using my site. Can't remember the exact wording but it was something along the lines of addressing the user that used the "mod_userdir" feature in Apache.
by Dorsi Diaz 14 years ago
I want to set up a couple websites, and am wondering the best and easiest way to set them up would be- I've got one that I set up through Yahoo, but I haven't really done anything with it.Any suggestions from my fellow hubbers?Thanks!
by Pacal Votan 13 years ago
Google admits the accounts of hundreds of gmail users have been hacked. The same is true for hotmail account.If you have gmail or hotmail it is advisable for you to change your login information.
by sunforged 13 years ago
ANybody using a host that offers more than 25 mSQL databases for under 10/month or 100/year?
by Faith Reaper 8 years ago
I guess these sites of misrepresentation will just go on forever ... Tonight I just typed on Google, "Faith Reaper on Hubpages" and as I scrolled down, I found many sites that state just that, but have nothing to do with my writing or any links to my hubs. They are misrepresenting...
by Kathryn Grace 8 years ago
I was delighted to find my whole wheat sourdough biscuit recipe on the first page of a Google search today. Unfortunately, Norton gave it a gray question mark, showing it is unrated and may not be safe. See the screen shot attached.If I found that gray question mark on a search link, I would not...
by Athlyn Green 5 years ago
Having written across of a number of sites, some that did the Google dance before dying a slow death, there's a chilling pattern that unfolds, not only for site owners but for their writers. Owners start by making changes--sometimes huge, time-consuming, expensive ones. Earnings climb and just as...
Copyright © 2023 The Arena Media Brands, LLC and respective content providers on this website. HubPages® is a registered trademark of The Arena Platform, Inc. Other product and company names shown may be trademarks of their respective owners. The Arena Media Brands, LLC and respective content providers to this website may receive compensation for some links to products and services on this website.
Copyright © 2023 Maven Media Brands, LLC and respective owners.
|HubPages Device ID||This is used to identify particular browsers or devices when the access the service, and is used for security reasons.|
|Login||This is necessary to sign in to the HubPages Service.|
|HubPages Traffic Pixel||This is used to collect data on traffic to articles and other pages on our site. Unless you are signed in to a HubPages account, all personally identifiable information is anonymized.|
|Remarketing Pixels||We may use remarketing pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to advertise the HubPages Service to people that have visited our sites.|
|Conversion Tracking Pixels||We may use conversion tracking pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to identify when an advertisement has successfully resulted in the desired action, such as signing up for the HubPages Service or publishing an article on the HubPages Service.|