08-24-2015, 01:49 AM
|
|
|
Confirmed User
Industry Role:
Join Date: Jan 2011
Location: Somewhere in Germany
Posts: 817
|
Phishlabs? Who are they?
I receive strange emails in the past for almost every of my sites:
Quote:
Our company investigates computer crime incidents on behalf of banks and other companies.
We have discovered that your web site, hottiescam.com, has been attacked by criminals. These criminals created a fake web page which appears to copy a Spark Networks site.
http:// my website .com/services/mchsvjbsuvkjn.html
If possible, please provide the following information to assist our investigation:
- Web server and FTP server log files for the past several days
- Copies of all phishing files, hack tools, or other hacker files
Finally, we kindly request that you disable or remove the phishing files as soon as possible.
We recommend taking the following actions to secure the web site and prevent the attackers from returning:
- Change your web hosting password
- Update your web applications including CMS, blog, ecommerce, and other applications (and all add-on modules/components/plugins)
- Search all of your web directories for suspicious files and investigate any found
- Scan the computer from which you login to your web hosting control panel or ftp server with anti-virus software
If you believe we have contacted you in error, or if we can provide any assistance with this incident, please contact us and let us know.
Thank you for your assistance with this matter,
Eric George
PhishLabs Security Operations
[email protected]
+1.202.386.6001
http://www.phishlabs.com
|
Another one through my abuse contact from my hosting:
Quote:
Our company investigates computer crime incidents on behalf of banks and other companies.
We have discovered that your web site, www.dirtycamsluts.com, has been attacked by criminals. These criminals created a fake web page which appears to copy a Spark Networks site.
hXXp www [dot] MY WEBSITE [dot] com/jimjim/mchsvjbsuvkjn [dot] html
hXXp www [dot] MY WEBSITE [dot] com/jimjim/login [dot] php
If possible, please provide the following information to assist our investigation:
- Web server and FTP server log files for the past several days
- Copies of all phishing files, hack tools, or other hacker files
Finally, we kindly request that you disable or remove the phishing files as soon as possible.
We recommend taking the following actions to secure the web site and prevent the attackers from returning:
- Change your web hosting password
- Update your web applications including CMS, blog, ecommerce, and other applications (and all add-on modules/components/plugins)
- Search all of your web directories for suspicious files and investigate any found
- Scan the computer from which you login to your web hosting control panel or ftp server with anti-virus software
If you believe we have contacted you in error, or if we can provide any assistance with this incident, please contact us and let us know.
Thank you for your assistance with this matter,
Matt Twitty
PhishLabs Security Operations
[email protected]
+1.202.386.6001
http://www.phishlabs.com
|
Sites are running on wordpress. I just checked the sites and found some strange folders in some installs, so I deleted them. Anyone else has this "problem"?
__________________
I know, my english is bad. But your german might be even worse 
|
|
|