Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • #904
    Profile photo of Michal B
    Michal B
    Participant

    Out of a sudden I received a very worrying e-mail from google. What should I do and why did it happen?! This is what is says:

    Dear site owner or webmaster of photocreo.com,
    We recently discovered that some pages on your site look like a possible phishing attack, in which users are encouraged to give up sensitive information such as login credentials or banking information. We have removed the suspicious URLs from Google.com search results and have begun showing a warning page to users who visit these URLs in certain browsers that receive anti-phishing data from Google.

    Below are one or more example URLs on your site which may be part of a phishing attack:

    http://stock.photocreo .com/~soulci5/go.phpsection=72703&reason=&portal=&dltoken=aca1954e8162992e68e5befb5750a62e/
    http://www.photocreo .com/~soulci5/go.phpsection=72703&reason=&portal=&dltoken=aca1954e8162992e68e5befb5750a62e/

    Here is a link to a sample warning page:
    http://www.google.com/interstitial?url=http%3A//stock.photocreo.com/~soulci5/go.phpsection%3D72703%26reason%3D%26portal%3D%26dltoken%3Daca1954e8162992e68e5befb5750a62e/

    We strongly encourage you to investigate this immediately to protect users who are being directed to a suspected phishing attack being hosted on your web site. Although some sites intentionally host such attacks, in many cases the webmaster is unaware because:

    1) the site was compromised
    2) the site doesn’t monitor for malicious user-contributed content

    If your site was compromised, it’s important to not only remove the content involved in the phishing attack, but to also identify and fix the vulnerability that enabled such content to be placed on your site. We suggest contacting your hosting provider if you are unsure of how to proceed.

    Once you’ve secured your site, and removed the content involved in the suspected phishing attack, or if you believe we have made an error and this is not actually a phishing attack, you can request that the warning be removed by visiting
    http://www.google.com/safebrowsing/report_error/?tpl=emailer
    and reporting an “incorrect forgery alert.” We will review this request and take the appropriate actions.

    #8977
    Profile photo of JoAnnSnover
    JoAnnSnover
    Participant

    I don’t understand that notice – are you sure the e-mail is legit (i.e. really from Google)?

    I can’t follow the links from that e-mail (copying and pasting the entire link) – got a can’t find it message from Google search instead of the page – so I don’t know what they didn’t like. That doesn’t look like any URL for any part of a symbiostock site though

Viewing 2 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.