Results 1 to 6 of 6
  1. #1

    Google Phishing Attack EMail

    I've received the following email from Google about one of the sites on our server. I wonder if anyone can confirm if this is legitimate and also what the most likely sources of such an attack would be. Is it insecure scripts such as Wordpress?

    Thank you.


    Dear site owner or webmaster of,

    We recently discovered that some pages on your site look like a probable phishing attack, in which users are encouraged to give up sensitive information such as login credentials or banking information. We have begun showing a warning page to users who visit this site in certain browsers that receive anti-phishing data from Google, as well as users redirected to this site from various Google properties.

    Below are one or more example URLs on your site which appear to be part of a phishing attack:

    Here is a link to a sample warning page:

    We strongly encourage you to investigate this immediately to protect users who are being directed to a suspected phishing attack being hosted on your web site. Although some sites intentionally host such attacks, in many cases the webmaster is unaware because:

    1) the site was compromised
    2) the site doesn't monitor for malicious user-contributed content

    If your site was compromised, it's important to not only remove the content involved in the phishing attack, but to also identify and fix the vulnerability that enabled such content to be placed on your site. We suggest contacting your hosting provider if you are unsure of how to proceed.

    Once you've secured your site, and removed the content involved in the suspected phishing attack, or if you believe we have made an error and this is not actually a phishing attack, you can request that the warning be removed by visiting
    and reporting an "incorrect forgery alert." We will review this request and take the appropriate actions.

    Google Search Quality Team

  2. #2
    Join Date
    Sep 2005
    I can say nothing just based on the email. Can you paste the email's header?

  3. #3
    Join Date
    Jul 2008
    yes header helps to determine
    PraHost - 7th Year of Excellence with Stability
    100Mbit, 100Tb & 1Gbps Unmetered Dedicated Servers In NL, DE @ Leaseweb
    Pay via
    Paypal, Skrill, Payza, Webmoney, PerfectMoney and BitCoins

  4. #4
    Join Date
    Mar 2003
    Moved > Technical & Security Issues .
    Specially 4 You
    JoneSolutions.Com ( Jones.Solutions ) is on the net 24/7 providing stable and reliable web hosting solutions and services since 2001

  5. #5
    Join Date
    Oct 2004
    If they send it to the address in the whois info, probably it is legitimate. As I cannot see phishing URL's in the email.
    Probably your user's page triggered a phishing alert.
    Since they are displaying Phishing alert when someone tries to access the page, they are letting you know out of courtesy.
    Cannot be sure without seeing the headers though.
    Closed for winter...

  6. #6
    Join Date
    Oct 2009

    The links you have pasted isn't legitimate, If you have pasted the contents as is. If you have modified the URL for privacy, paste the email header or paste the original URLs listed.
    Windows/Linux Expert; Plesk/Cpanel/Ensim Guru.
    ..and an expert spam tracker.

Similar Threads

  1. Dumbest Phishing email ever!
    By jon-f in forum Web Hosting Lounge
    Replies: 5
    Last Post: 06-24-2009, 09:25 AM
  2. email phishing alert
    By nimasdj in forum Web Hosting
    Replies: 0
    Last Post: 04-26-2008, 03:07 PM
  3. Replies: 3
    Last Post: 03-06-2008, 11:35 PM
  4. PayPal Phishing Email (20/02/06)
    By Graphicism in forum Ecommerce Hosting & Discussion
    Replies: 34
    Last Post: 02-21-2006, 01:25 AM
  5. another 2CO phishing email
    By sasha in forum Web Hosting Lounge
    Replies: 14
    Last Post: 08-22-2005, 11:43 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts