Phishing notification in Webmasters and its Solution

One of my clients have received a Phishing notification in the Google Webmasters tool. This is how it looks like.

Dear site owner or webmaster of <site name>,

We recently discovered that some pages on your site look like a possible phishing attack, in which users are encouraged to give up sensitive information such as login credentials or banking information. We have removed the suspicious URLs from Google.com search results and have begun showing a warning page to users who visit these URLs in certain browsers that receive anti-phishing data from Google.

Below are one or more example URLs on your site which may be part of a phishing attack:

<list of URLs>

We strongly encourage you to investigate this immediately to protect users who are being directed to a suspected phishing attack being hosted on your web site. Although some sites intentionally host such attacks, in many cases the webmaster is unaware because:

1) the site was compromised

2) the site doesn’t monitor for malicious user-contributed content

If your site was compromised, it’s important to not only remove the content involved in the phishing attack, but to also identify and fix the vulnerability that enabled such content to be placed on your site. We suggest contacting your hosting provider if you are unsure of how to proceed.

Once you’ve secured your site, and removed the content involved in the suspected phishing attack, or if you believe we have made an error and this is not actually a phishing attack, you can request that the warning be removed by visiting this page, and reporting an “incorrect forgery alert.” We will review this request and take the appropriate actions.

Sincerely,

Google Search Quality Team

Phishing notification in Webmasters google

The solution to this problem is simple.

Solution 1 – If you think your site was compromised.

Remove all the files and recheck if no bad files exist on your server. Then, click on the link mentioned in the message’s last paragraph and request google to review your site again. Your message should look like this.

Hello

We received a message from about a phishing attack on our website. We have removed all the files:

<link of files mentioned in message>

Please review our site again and take appropriate actions.

Sincerely,
(Your Name)

Solution 2 – If your site was not compromised.

Hello

We received a message from about a phishing attack on our website. We have checked our server and we feel that this was an error from your side and it is not a phishing attack.

Please review our site again and take appropriate actions.

Sincerely,
(Your Name)

Tags:, .
Posted on November 21, 2013

Related Content