Hello censureENBG, Sorry to hear about the phishing alert. Google has a method of identifying which server the compromised account is on and for some reason, emails every site that is on that server with the alert. The alert typically has a URL on it containing your domain name followed by the cPanel username. For example: example.com/~username/new/file.php The domain name will be yours but if the username portion is not your cPanel username, then your account is not compromised. You can simply ignore the email at that point. If the username does happen to be yours, then your site has indeed been compromised and you will want to contact support to have them remove the offending files. You will also want to follow our guide on what to do after a hack to prevent any further instances. Kindest Regards, Scott M