Help! Received email from Google about phishing.

Avatar
  • Answered
Hi, I've read a lot of websites now on what to do after receiving an email like this. But I can't find how to remove the page or url that google told me about. Please help! What should I do? Below is the email. Thanks!

Dear site owner or webmaster of reviewhalohalo.com,
We recently discovered that some pages on your site look like a possible phishing attack, in which users are encouraged to give up sensitive information such as login credentials or banking information. We have removed the suspicious URLs from Google.com search results and have begun showing a warning page to users who visit these URLs in certain browsers that receive anti-phishing data from Google.

Below are one or more example URLs on your site which may be part of a phishing attack:

http://www.reviewhalohalo .com/~writeb5/link.php

Here is a link to a sample warning page:
http://www.google.com/interstitial?url=http%3A//www.reviewhalohalo.com/~writeb5/link.php

We strongly encourage you to investigate this immediately to protect users who are being directed to a suspected phishing attack being hosted on your web site. Although some sites intentionally host such attacks, in many cases the webmaster is unaware because:

1) the site was compromised
2) the site doesn't monitor for malicious user-contributed content
If your site was compromised, it's important to not only remove the content involved in the phishing attack, but to also identify and fix the vulnerability that enabled such content to be placed on your site. We suggest contacting your hosting provider if you are unsure of how to proceed.

Once you've secured your site, and removed the content involved in the suspected phishing attack, or if you believe we have made an error and this is not actually a phishing attack, you can request that the warning be removed by visiting
http://www.google.com/safebrowsing/report_error/?tpl=emailer
and reporting an "incorrect forgery alert." We will review this request and take the appropriate actions.

Sincerely,
Google Search Quality Team

Note: if you have an account in Google's Webmaster Tools, you can verify the authenticity of this message by logging into https://www.google.com/webmasters/tools/siteoverview and going to the Message Center, where a warning will appear shortly.
Avatar
Scott
Hello,

Thank you for your question about the Google phishing email for your site. I apologize if this scared you. This email is a mistake on Google's part. The link referenced in the email uses an account name that is not yours. What happens is Google detects a phishing page for website that is hosted on one of our servers and then generates this email. The email, for some reason, ends up going out to all sites that are hosted on the server. The link in the email is generated when the email is created using the information Google has. For everyone except the actual site that has the link, the link is false. That is the case for your situation. You may ignore the email.

We have spoken to Google several times about this, but it seems they have yet to correct it.

Kindest Regards,
Scott M.