Google: Notice Of Phishing?

Boris_yo · 10-23-2010, 08:58 AM

I have XFactor type of websites. I received message from Google for several of my domains that said the following:

"Dear site owner or webmaster of mydomain.org,

We recently discovered that some pages on your site look like a possible phishing attack,
in which users are encouraged to give up sensitive information such as login credentials
or banking information. We have begun showing a warning page to users who visit this site
in certain browsers that receive anti-phishing data from Google, as well as users
redirected to this site from various Google properties.

Below are one or more example URLs on your site which may be part of a phishing attack:

http://www.mydomainname.org/~alani1/...domainname.org

Here is a link to a sample warning page:
http://www.google.com/interstitial?u...3674a6c58d9173

We strongly encourage you to investigate this immediately to protect users who are being
directed to a suspected phishing attack being hosted on your web site. Although some
sites intentionally host such attacks, in many cases the webmaster is unaware because:

1) the site was compromised
2) the site doesn't monitor for malicious user-contributed content

If your site was compromised, it's important to not only remove the content involved in
the phishing attack, but to also identify and fix the vulnerability that enabled such
content to be placed on your site. We suggest contacting your hosting provider if you are
unsure of how to proceed.

Once you've secured your site, and removed the content involved in the suspected phishing
attack, or if you believe we have made an error and this is not actually a phishing
attack, you can request that the warning be removed by visiting
Report Incorrect Phishing Warning
and reporting an "incorrect forgery alert." We will review this request and take the
appropriate actions.

Sincerely,
Google Search Quality Team"

jay_vasdewani · 10-23-2010, 09:27 AM

Seems like your website was hacked or you have malwares.

Defunct · 10-24-2010, 12:04 PM

Yep, seems like you were probably hacked, contact your web host company for assistance, you might have to check for rootkits too.

Many ways you could have been hacked though, i had to remove a friends site off my VPS recently because he kept getting hacked and getting phishing warnings from the RSA, meaning they shut down my entire VPS till it was sorted out...

yukon · 10-24-2010, 12:43 PM

Go to your sites Google cache (text-only version), If someone has planted links on your site they will stand out big time when looking at the cache.

Most hacks/backlinks are in the header or footer of the page.

bgmacaw · 10-24-2010, 12:53 PM

I got an email like this a while back. It turned out that the email itself was a phishing attack trying to obtain my Google login info!

ImDoingIt · 10-24-2010, 03:24 PM

Quote:

Originally Posted by bgmacaw

I got an email like this a while back. It turned out that the email itself was a phishing attack trying to obtain my Google login info!

That would be the first thing I would be thinking in my mind. Main reason is that I am under the impression that G does not really interact with webmasters via email or anything really except maybe something like Adwords. But for adsense or the search engine general it was non-existent for your average webmaster.

Boris_yo · 10-24-2010, 06:28 PM

The security department from HostGator said that it was false alarm caused by "userdir" option being enabled for my account, so they disabled that option.

paulgl · 10-24-2010, 10:05 PM

Quote:

Originally Posted by bgmacaw

I got an email like this a while back. It turned out that the email itself was a phishing attack trying to obtain my Google login info!

Ditto...

I can't imagine google giving a rat's hat. Certainly they would have no reason
to send you an email like that. They would sure be sending out a boat load.

Paul

RyanEagle · 10-25-2010, 02:01 AM

Looks like someone hacked into your domain! It's happened to me before.

socialbookmark · 10-25-2010, 03:47 AM

Have you seen changes on the content of your website?
If no, i suggest you to check all of the content of your website using antivirus through your admin panel. Also its better to ask administrator of your server to help you to detect and remove probable virus or malwares.

LarryC · 02-07-2011, 06:38 PM

I have a similar issue so I'm going to check with my host. I know these aren't fake emails, because they're also listed as message from Google at Webmaster Tools. The strange thing is that they're telling me various pages that don't even exist (that I can tell) are leading to phishing sites.

Boris_yo · 02-07-2011, 07:49 PM

In my case i had outbound link from email going to my domain then after extension and slash was strange URL (alani~1 or something) and clicking it was going nowhere. I also checked email's source and there were Google's servers.

10-23-2010, 08:58 AM	#1
Boris_yo Advanced Warrior Join Date: Jul 2007 Location: , , Israel. Posts: 562 Thanks: 123 Thanked 14 Times in 13 Posts	Google: Notice Of Phishing? I have XFactor type of websites. I received message from Google for several of my domains that said the following: "Dear site owner or webmaster of mydomain.org, We recently discovered that some pages on your site look like a possible phishing attack, in which users are encouraged to give up sensitive information such as login credentials or banking information. We have begun showing a warning page to users who visit this site in certain browsers that receive anti-phishing data from Google, as well as users redirected to this site from various Google properties. Below are one or more example URLs on your site which may be part of a phishing attack: http://www.mydomainname.org/~alani1/...domainname.org Here is a link to a sample warning page: http://www.google.com/interstitial?u...3674a6c58d9173 We strongly encourage you to investigate this immediately to protect users who are being directed to a suspected phishing attack being hosted on your web site. Although some sites intentionally host such attacks, in many cases the webmaster is unaware because: 1) the site was compromised 2) the site doesn't monitor for malicious user-contributed content If your site was compromised, it's important to not only remove the content involved in the phishing attack, but to also identify and fix the vulnerability that enabled such content to be placed on your site. We suggest contacting your hosting provider if you are unsure of how to proceed. Once you've secured your site, and removed the content involved in the suspected phishing attack, or if you believe we have made an error and this is not actually a phishing attack, you can request that the warning be removed by visiting Report Incorrect Phishing Warning and reporting an "incorrect forgery alert." We will review this request and take the appropriate actions. Sincerely, Google Search Quality Team"

10-23-2010, 09:27 AM	#2
jay_vasdewani Active Warrior War Room Member Join Date: Sep 2009 Posts: 70 Thanks: 24 Thanked 11 Times in 10 Posts	Re: Google: Notice Of Phishing? Seems like your website was hacked or you have malwares.

10-24-2010, 12:04 PM	#3
Defunct HyperActive Warrior War Room Member Join Date: Oct 2010 Posts: 254 Thanks: 23 Thanked 47 Times in 33 Posts	Re: Google: Notice Of Phishing? Yep, seems like you were probably hacked, contact your web host company for assistance, you might have to check for rootkits too. Many ways you could have been hacked though, i had to remove a friends site off my VPS recently because he kept getting hacked and getting phishing warnings from the RSA, meaning they shut down my entire VPS till it was sorted out...

10-24-2010, 12:43 PM	#4
yukon SEO Strategist War Room Member Join Date: Jun 2010 Posts: 6,532 Thanks: 355 Thanked 1,992 Times in 1,273 Posts	Re: Google: Notice Of Phishing? Go to your sites Google cache (text-only version), If someone has planted links on your site they will stand out big time when looking at the cache. Most hacks/backlinks are in the header or footer of the page.

10-24-2010, 12:53 PM	#5
bgmacaw Senior Warrior Member War Room Member Join Date: Aug 2008 Location: Atlanta GA Metro Area, USA. Posts: 3,643 Blog Entries: 5 Thanks: 309 Thanked 922 Times in 642 Posts Social Networking	Re: Google: Notice Of Phishing? I got an email like this a while back. It turned out that the email itself was a phishing attack trying to obtain my Google login info!
	Product Reviews \| Earn Online Cash \| Free HTML Templates Free WordPress Themes: Boring Memo \| Dateless Mini-Site \| Info Magazine \| 100 Twenty-Ten Niche Headers Discount Templates, Graphics and Scripts: Templates for Website

10-24-2010, 06:28 PM	#7
Boris_yo Advanced Warrior Join Date: Jul 2007 Location: , , Israel. Posts: 562 Thanks: 123 Thanked 14 Times in 13 Posts	Re: Google: Notice Of Phishing? The security department from HostGator said that it was false alarm caused by "userdir" option being enabled for my account, so they disabled that option.

10-25-2010, 02:01 AM	#9
RyanEagle I'll Make You Rich Join Date: Dec 2009 Location: Chicago, IL Posts: 693 Thanks: 7 Thanked 94 Times in 76 Posts Social Networking Contact Info	Re: Google: Notice Of Phishing? Looks like someone hacked into your domain! It's happened to me before.
	#1 Rated Network - Now Accepting WarriorForum Members: EWA Private Network Weekly Pay \| (3700) Offers \| PayPal Payments \| (200) Countries \| Accepts INTL Publishers

10-25-2010, 03:47 AM	#10
socialbookmark Senior Warrior Member Join Date: Jul 2010 Location: USA Posts: 1,507 Thanks: 9 Thanked 82 Times in 81 Posts Social Networking	Re: Google: Notice Of Phishing? Have you seen changes on the content of your website? If no, i suggest you to check all of the content of your website using antivirus through your admin panel. Also its better to ask administrator of your server to help you to detect and remove probable virus or malwares.
	Pagerank 5 Social Bookmarking (Dofollow) Hubmesh.com ( 70% Revenue Sharing ) Google Pagerank Checker Tool WDmoney.com 9meta TagzBook FF FH News SocialNews

02-07-2011, 06:38 PM	#11
LarryC Advanced Warrior War Room Member Join Date: May 2007 Location: , , USA. Posts: 590 Thanks: 96 Thanked 91 Times in 72 Posts	Re: Google: Notice Of Phishing? I have a similar issue so I'm going to check with my host. I know these aren't fake emails, because they're also listed as message from Google at Webmaster Tools. The strange thing is that they're telling me various pages that don't even exist (that I can tell) are leading to phishing sites.
	Let Me Write a Kindle Book For You

02-07-2011, 07:49 PM	#12
Boris_yo Advanced Warrior Join Date: Jul 2007 Location: , , Israel. Posts: 562 Thanks: 123 Thanked 14 Times in 13 Posts	Re: Google: Notice Of Phishing? In my case i had outbound link from email going to my domain then after extension and slash was strange URL (alani~1 or something) and clicking it was going nowhere. I also checked email's source and there were Google's servers.