I've gotten a couple messages on my Webmaster Tools console that two of my own sites are being used for a phishing scam. The scammers are using the url for my sites, then attaching the address to their phishing page. Google says they've removed the url from the search engine and put up an alert to anyone who goes to the offending link. Still, they advise I look into it and contact my webhost; I've sent the webhost a ticket about it, still haven't heard back.
Does anyone have experience with this? If so, do you know what to do about it? How is someone even able to use my sites' domains for their phishing pages? Does it mean my sites were compromised?
Basically, my sites are alright if you go to them. Nothing appears wrong. Just those particular links that are phishy are connected to them.
Is it enough that Google has taken them off the search engine? Or is there still a problem? Will my sites get blacklisted?
Wish I could help but I have no experience of phishing problems. I reckon google webmaster forums are the best place to ask for help:
https://productforums.google.com/forum/ … ing$20scam
I've had this done to my sites years ago.
After a short investigation, I realized that one of my sites was hacked and that from this entry door, they invaded my hosting account.
Because I didn't want to lose my time, I asked my webhost to nuke my entire account - I had weekly backups - and rebuilt all sites from zero using the backups I kept on my computer. But you can download all your sites and all their files on your computer through your FTP software and check and see which file doesn't belong to your sites. Delete them - if you wish to open them, do so only using NotePad or NotePad++. Then delete all files on your hosting account and re-upload those you cleaned up.
Hackers could find a way to penetrate my Joomla site. This is the one site I got rid of and never had a problem since then.
Also Google works very fast on such problems so as soon as your hosting account will be cleaned up, they'll remove their warning and will re-include your sites in their index.
Otherwise you can get a lot of help from expert sites. There is one that is devoted to such troubles but, I'm sorry, I don't remember its name
Note that keeping your database, scripts, plugins updated - WP requires constant security updates - is a way to ensure their safety.
Hope you'll find a solution very quickly. Fingers crossed
Thanks for the info. I'm either going to have to take some time to really figure this out or find some help. Hoping my webhost will be able to figure it out. The thing that gets me is that the only problem so far is that one link that goes to the phishing page. Nothing wrong other than that. My sites are fine, seemingly. Google already removed the link from the search engine and put a warning up for anyone that tries it wherever they might happen to find it.
I would assume my sites were actually hacked in some way, because I don't know how else they could use the domain name address in their links.
It can be no other thing than that one link was added to one of your files. Or more simply a script added to your directory. In my case it was a script in one of my directories but I wanted to opt for 100% safety and asked my host to nuke my account. I re-uploaded all sites but the Joomla as it was in that directory that I found the script and through one of the many safety failures of Joomla that the hackers could penetrate.
But do as you see fit, it's better to ask for help than touching files and ruin your hard work
By the way if you use WordPress, I recommend the WordFence plugin.
I set one of the most secure features (failed login attempts) to just 1. So after one, the hacker is blocked. Not the best for me if I type the wrong data while I try to login but at least my site is safe... Well we never ensure safety to 100% but 99% can't hurt.
Thanks, I'm definitely going to check out that plugin.
My webhost got rid of the user that was using my site. Can't remember the exact wording but it was something along the lines of addressing the user that used the "mod_userdir" feature in Apache.
by Dorsi Diaz 9 years ago
I want to set up a couple websites, and am wondering the best and easiest way to set them up would be- I've got one that I set up through Yahoo, but I haven't really done anything with it.Any suggestions from my fellow hubbers?Thanks!
by Pacal Votan 9 years ago
Google admits the accounts of hundreds of gmail users have been hacked. The same is true for hotmail account.If you have gmail or hotmail it is advisable for you to change your login information.
by Ronald E Franklin 9 months ago
I just received an email from Google AdSense that I never expected to receive:"In the last 24 hours: New violations were detected. As a result, ad serving has been restricted or disabled on pages where these violations of the AdSense Program Policies were found."Panic! What made it much...
by Courtney Rhodes 3 years ago
I discovered a site which has many hubs on it. I was notified by Google alerts..very handy tool btw. The site is rocketbix.com please check to see if your hub was copied...mine was..word for word.How does one go about having it removed? DMCA? or is there a different way?
by Nathan Bernardo 4 years ago
It is something that's bugged me for a long time how there is a discrepancy between GA stats and the stats my webhost provides for my website. Most people say GA is more reliable, but that wasn't making sense to me for many reasons. There is a very convincing argument that the stats that are...
by Judy Filarecki 3 years ago
I came across this link when doing a google search to see what the changes in URL had on my hubpages. I was afraid to open it , but it is something from Japan "Alice from Japan" and is using phrases from my profile. I forgotten what to do to report this to Google. I would appreciate if...
Copyright © 2019 HubPages Inc. and respective owners. Other product and company names shown may be trademarks of their respective owners. HubPages® is a registered Service Mark of HubPages, Inc. HubPages and Hubbers (authors) may earn revenue on this page based on affiliate relationships and advertisements with partners including Amazon, Google, and others.
|HubPages Device ID||This is used to identify particular browsers or devices when the access the service, and is used for security reasons.|
|Login||This is necessary to sign in to the HubPages Service.|
|HubPages Traffic Pixel||This is used to collect data on traffic to articles and other pages on our site. Unless you are signed in to a HubPages account, all personally identifiable information is anonymized.|
|Remarketing Pixels||We may use remarketing pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to advertise the HubPages Service to people that have visited our sites.|
|Conversion Tracking Pixels||We may use conversion tracking pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to identify when an advertisement has successfully resulted in the desired action, such as signing up for the HubPages Service or publishing an article on the HubPages Service.|