need help about phishing website issue !

pardede

Newbie
Joined
Oct 30, 2023
Messages
28
Reaction score
26
Hi ! can someone help and give some tips regarding phishing.
I handle one website. but the website keep being phishing. my domain if I search my brand keyword from rank 1 drop down until rank 10.
below the example of phishing. they keep generate using people brand website and description if we click the link redirect to his MS.

how to takedown and protect the website from this phishing ?
my I know what kind of phishing is this ?

site:https://ungarantimur.semarangkab.go.id/wp-includes/block-bindings/?tag=

phising.png
 
i agree with @DarkerAds
it's not phishing. your site was hacked/compromised.
usually happens if you use nulled wordpress themes/extensions. you have a malicious actor that compromised your server/wordpess and causing that.
first reinstall wp. don't use nulled stuff. or find another source for it. u can use cloud security tools/wp extensions to scan the theme/extensions for malware.
audit your cpanel accounts, ftp accounts. wp accounts. ssh accounts....etc.
 
i agree with @DarkerAds
it's not phishing. your site was hacked/compromised.
usually happens if you use nulled wordpress themes/extensions. you have a malicious actor that compromised your server/wordpess and causing that.
first reinstall wp. don't use nulled stuff. or find another source for it. u can use cloud security tools/wp extensions to scan the theme/extensions for malware.
audit your cpanel accounts, ftp accounts. wp accounts. ssh accounts....etc.
true, though i have also seen that the hosting themselves hack the sites and upload malware pages
so its not only wordpress issues :/
 
Hi @DarkerAds & @uncutu ,

this is phishing in Indonesia, all provider of online gambling in Indonesia been phishing using this method.
the plan is they using our brand to get member.

all the domain they us is ac.id is the government domain, that got hack and sell it to other people using webshell.
they use to create subdomain

now we online gambling quite confused regarding this issue. report google also useless
 
youre calling it phishing. its not phishing.
someone has access to your server/WP instance and is spamming it with their links.
its malware. or shitty server owner that is putting malware on your shared hosting plan.
if you are using hacked webshells, what do you expect.
its like downloading pirated software then complaining you got ransomware. or meeting a prostitute with no condom. you're going to get burned.
so wants the solution. move to a real hosting provider. google support team isn't going to help you with your security issue.
 
Last edited:
Hi @DarkerAds & @uncutu ,

this is phishing in Indonesia, all provider of online gambling in Indonesia been phishing using this method.
the plan is they using our brand to get member.

all the domain they us is ac.id is the government domain, that got hack and sell it to other people using webshell.
they use to create subdomain

now we online gambling quite confused regarding this issue. report google also useless
yeah that also works, but its not phishing, the site is a hacked site
phishing is like cloning a site and using that theme on your own domain
 
youre calling it phishing. its not phishing.
someone has access to your server/WP instance and is spamming it with their links.
its malware. or shitty server owner that is putting malware on your shared hosting plan.
if you are using hacked webshells, what do you expect.
its like downloading pirated software then complaining you got ransomware. or meeting a prostitute with no condom. you're going to get burned.
so wants the solution. move to a real hosting provider. google support team isn't going to help you with your security issue.

yeah that also works, but its not phishing, the site is a hacked site
phishing is like cloning a site and using that theme on your own domain
Good point
 
just report it to to the site admins of the ac.id
Hi @DarkerAds & @uncutu ,

this is phishing in Indonesia, all provider of online gambling in Indonesia been phishing using this method.
the plan is they using our brand to get member.

all the domain they us is ac.id is the government domain, that got hack and sell it to other people using webshell.
they use to create subdomain

now we online gambling quite confused regarding this issue. report google also useless
 
This isn't phishing, the site has been hacked and used to advertise random things.
 
if u guys say my site get hack. so all the domain under engine that provide that gambling get hack also ?
because the one that own the hosting is the provider of engine gambling site.
 
Hi ! can someone help and give some tips regarding phishing.
I handle one website. but the website keep being phishing. my domain if I search my brand keyword from rank 1 drop down until rank 10.
below the example of phishing. they keep generate using people brand website and description if we click the link redirect to his MS.

how to takedown and protect the website from this phishing ?
my I know what kind of phishing is this ?

site:https://ungarantimur.semarangkab.go.id/wp-includes/block-bindings/?tag=

View attachment 351370
You can report them to Google but I don't know if it will work.
 
Hi ! can someone help and give some tips regarding phishing.
I handle one website. but the website keep being phishing. my domain if I search my brand keyword from rank 1 drop down until rank 10.
below the example of phishing. they keep generate using people brand website and description if we click the link redirect to his MS.

how to takedown and protect the website from this phishing ?
my I know what kind of phishing is this ?

site:https://ungarantimur.semarangkab.go.id/wp-includes/block-bindings/?tag=

View attachment 351370
in general knowledge, its not called a phising, phising is when you gain someone information or data through a page or app that look similar like the service, i've been through this too and the only thing we can do is Report them on google, with the right reports spam, you can report them here :

https://search.google.com/search-console/report-spam
 
Back
Top