I recently got from google a Phishing notification and this is part of the phishing attack: http://www.xxxx.com/~solusi/templates/madeyourweb/Acti-vat-ion/Pay-PaI/web-scr_cmd-__login-submit=88d4dd2s/paypal/ereur.htm I looked on the server but I haven't found anything. How do I know if is still there? I had removed all writing permissions previous to the attack. How can I prevent this type of attack? Any help is appreciate it.
u removed that folder too ? just removing writing permission is not enough just visit that link yourself and you can see if it is there are not make sure not to put your password
The problem is that I didn't find any folder and the link doesn't work anymore. You said removing writing permission is not enough, what else should I do?
i mean u need to remove the folder. not just removing write permissions. u can use find command once too to find such folder and remove if you are not sure
I am confused I searched for the folder and I didn't find it and I didn't remove it either. So they just deleted (I find it hard to believe)? I had my site attacked on various occasion and all permission were removed, but the attacks keep coming.... What else should I do to protect my website better? Any ideas are appreciated it. Thanks.
what cms /script you are running ? if you repeatedly attacked it means u probably backing up infected files / db
I have a simple website (css and html) that only has a php script to send email (macromedia). I have scanned the site many times and no virus was found.
hey all.. i just want to share my opinion about..phising.but i think..that too long to tell here.. so you can view my Security & Hacking Technique reference..at my own site. plese check here, http://superhacker.org regards,! Noctis Warlock