Google: Notice Of Phishing?

by Boris_yo

Posted: 15 years ago 11 replies

I have XFactor type of websites. I received message from Google for several of my domains that said the following:

"Dear site owner or webmaster of mydomain.org,

We recently discovered that some pages on your site look like a possible phishing attack,
in which users are encouraged to give up sensitive information such as login credentials
or banking information. We have begun showing a warning page to users who visit this site
in certain browsers that receive anti-phishing data from Google, as well as users
redirected to this site from various Google properties.

Below are one or more example URLs on your site which may be part of a phishing attack:

http://www.mydomainname.org/~alani1/...domainname.org

Here is a link to a sample warning page:
http://www.google.com/interstitial?u...3674a6c58d9173

We strongly encourage you to investigate this immediately to protect users who are being
directed to a suspected phishing attack being hosted on your web site. Although some
sites intentionally host such attacks, in many cases the webmaster is unaware because:

1) the site was compromised
2) the site doesn't monitor for malicious user-contributed content

If your site was compromised, it's important to not only remove the content involved in
the phishing attack, but to also identify and fix the vulnerability that enabled such
content to be placed on your site. We suggest contacting your hosting provider if you are
unsure of how to proceed.

Once you've secured your site, and removed the content involved in the suspected phishing
attack, or if you believe we have made an error and this is not actually a phishing
attack, you can request that the warning be removed by visiting
Report Incorrect Phishing Warning
and reporting an "incorrect forgery alert." We will review this request and take the
appropriate actions.

Sincerely,
Google Search Quality Team"

#google #notice #phishing

jay_vasdewani 15 years ago

Seems like your website was hacked or you have malwares.
- Thanks
- 1 reply
{{ DiscussionBoard.errors[2764258].message }}
- Defunct 15 years ago
  
  Yep, seems like you were probably hacked, contact your web host company for assistance, you might have to check for rootkits too.
  
  Many ways you could have been hacked though, i had to remove a friends site off my VPS recently because he kept getting hacked and getting phishing warnings from the RSA, meaning they shut down my entire VPS till it was sorted out...
  
  Thanks
  
  {{ DiscussionBoard.errors[2768409].message }}
bgmacaw 15 years ago

I got an email like this a while back. It turned out that the email itself was a phishing attack trying to obtain my Google login info!
- [ 2 ] Thanks
- 2 replies
Signature
Product Reviews | Earn Online Cash | Free HTML Templates
Free WordPress Themes: Boring Memo | Dateless Mini-Site | Info Magazine | 100 Twenty-Ten Niche Headers
Discount Templates, Graphics and Scripts: Templates for Website
{{ DiscussionBoard.errors[2768543].message }}
- ImDoingIt 15 years ago
  
  Originally Posted by bgmacaw
  
  I got an email like this a while back. It turned out that the email itself was a phishing attack trying to obtain my Google login info!
  
  That would be the first thing I would be thinking in my mind. Main reason is that I am under the impression that G does not really interact with webmasters via email or anything really except maybe something like Adwords. But for adsense or the search engine general it was non-existent for your average webmaster.
  
  Thanks
  
  {{ DiscussionBoard.errors[2768983].message }}
- paulgl 15 years ago
  
  Originally Posted by bgmacaw
  
  I got an email like this a while back. It turned out that the email itself was a phishing attack trying to obtain my Google login info!
  
  Ditto...
  
  I can't imagine google giving a rat's hat. Certainly they would have no reason
  to send you an email like that. They would sure be sending out a boat load.
  
  Paul
  
  Thanks
  
  Signature
  
  If you were disappointed in your results today, lower your standards tomorrow.
  
  {{ DiscussionBoard.errors[2769930].message }}
Boris_yo 15 years ago

The security department from HostGator said that it was false alarm caused by "userdir" option being enabled for my account, so they disabled that option.
- Thanks
{{ DiscussionBoard.errors[2769427].message }}
RyanEagle 15 years ago

Looks like someone hacked into your domain! It's happened to me before.
- Thanks
Signature

#1 Rated Network - Now Accepting WarriorForum Members: EWA Private Network
Weekly Pay | (3700) Offers | PayPal Payments | (200) Countries | Accepts INTL Publishers
{{ DiscussionBoard.errors[2770627].message }}
socialbookmark 15 years ago

Have you seen changes on the content of your website?
If no, i suggest you to check all of the content of your website using antivirus through your admin panel. Also its better to ask administrator of your server to help you to detect and remove probable virus or malwares.
- Thanks
Signature

I love warriorforum. zendegiyesabz
{{ DiscussionBoard.errors[2770872].message }}
LarryC 15 years ago

I have a similar issue so I'm going to check with my host. I know these aren't fake emails, because they're also listed as message from Google at Webmaster Tools. The strange thing is that they're telling me various pages that don't even exist (that I can tell) are leading to phishing sites.
- Thanks
- 1 reply
Signature
Content Writing, Ghostwriting, eBooks, editing, research.
{{ DiscussionBoard.errors[3324892].message }}
- Boris_yo 15 years ago
  
  In my case i had outbound link from email going to my domain then after extension and slash was strange URL (alani~1 or something) and clicking it was going nowhere. I also checked email's source and there were Google's servers.
  
  Thanks
  
  {{ DiscussionBoard.errors[3325252].message }}