I wasn't sure if this was the right place to post this or not, but I'm really confused right now. I have several different domains all hosted on the same server. One of those domains is used to host my mom's website for her offline business, but all of the contact emails for the domain, webmaster tools, etc. are mine. Google shouldn't have her email address, at least not in connection with that website. So today she got an email telling her that a page on her site looks like a phishing attack and has been removed from google. She immediately starts texting/calling me asking wtf? Naturally, I checked my email (the one associated with webmaster tools and the domains) and there's no email from google whatsoever. At first I thought it was just a scam of some kind, someone using a fake email, but I logged into webmaster tools and it says two of my sites have phishing warnings. I'm really incredibly confused right about now. There were a couple of out-of-date plugins and her theme was out of date (I know, I'm kicking myself), so that's probably how it happened. Right now I'm trying to fix it, but I know jack-shit about this sort of thing. I'm downloading the site folders via filezilla and I guess I'll run them through a virus scanner? Not sure if that's even going to do anything, but it was all I could think of at the moment. I still have no idea why google decided to email her instead of me. Equally, I have no idea why I didn't at least get the message about my other site that has compromised. So does anyone have any insight to offer in this situation? EDIT: Oh and I don't know if this is relevant, but I have both versions of the domain register on Webmaster Tools (www and non-www) and only the non-www versions have the warning. I do have the non-www set as the preferred domain, for both so maybe that has something to do with that. I just thought it was weird. Also, my mom forwarded the email to me and my gmail account says that the email itself looks like a phishing email.