Forum Moderators: Robert Charlton & goodroi


Phishing problem and google told me goodbye

         

chainazo

6:18 pm on Aug 7, 2023 (gmt 0)

Top Contributors Of The Month



Lately, emails were arriving at my company with email names that we had not created but with our web extension after the @, for example isntmymail@example.com. I guess the attacker was testing my safety and warning me that something was going to go wrong with my site.

Finally last week our central email account was "hijacked" and no more emails from any customer arrived.
We have no more orders from our customers. Desperate!

Google realized that something was wrong and decided to remove my site from their index. Due to phishing, Google said.

In addition, when you go directly to my website, all browsers show that red warning screen, "it's an insecure site".

I have removed all the code from the site and made a single page with a "Redesigning our site" message, but the browsers still see it as insecure.


Questions about 2 steps that added together might work. But since I don't know, none of this may work (of course open to suggestions):

1) If I redo the "contact" page (which was the hijacked page), and furthermore...

2) If I change to another hosting company (so that the IP is different and Google doesn't look suspiciously at it), to finally...

3) Would Google accept the page again?

[edited by: engine at 6:54 am (utc) on Aug 8, 2023]
[edit reason] Please use example.com as it can never be owned [/edit]

not2easy

7:25 pm on Aug 7, 2023 (gmt 0)

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month



There are a lot of places you can test the various things on your site related to security, from SSL to DNS and your mail settings.
Here are a few places to start because just moving to a different host isn't going to fix or prevent such problems. You should find the causes.

DNS testing: https://www.dnsstuff.com/
SSL testing: https://www.ssllabs.com/ssltest/
Malware testing: https://support.google.com/webmasters/answer/2721435

Make sure your email is secure. There are many email testing sites also; you should have a DMARC policy along with DKIM and SPF set up.

chewy

11:37 pm on Sep 27, 2023 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



Yes indeed - make sure you do the full DMARC / DKIM / SPF.

This also means making sure your contact form is ALSO using SPF to make sure your emails get through.

We had a project where no emails were getting through and we found we were on a blacklist.

Only after changing to a new domain did things clear up. Also getting some of the people to stop using AOL might have somehow helped.

My guess was there were one or more infected machines inside the company sending out billions of spam emails using the company domain. It could have been from outside as well. This would have definitely caused the blacklisting. If you haven't already discovered it, learn how to use mxtoolbox. Good luck!
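
The SPF and DMARC setup recommended in the replies above can be checked by reading the TXT records a domain publishes. The following is an added example, not part of any post in this thread: it audits record strings you have already looked up (for instance with mxtoolbox). The function names and the sample records are constructed for illustration.

```python
# Added example: offline audit of SPF and DMARC TXT records.
# All record strings below are constructed samples for example.com.

def parse_tags(record):
    """Split a 'tag=value; tag=value' record (DMARC style) into a dict."""
    pairs = (part.split("=", 1) for part in record.split(";") if "=" in part)
    return {k.strip().lower(): v.strip() for k, v in pairs}

def audit_spf(apex_txt):
    """Findings for the TXT records published at the domain itself."""
    spf = [r for r in apex_txt if r.lower().split()[:1] == ["v=spf1"]]
    if len(spf) != 1:
        return ["SPF: expected exactly one v=spf1 record, found %d" % len(spf)]
    terms = spf[0].lower().split()[1:]
    alls = [t for t in terms if t.lstrip("+-~?") == "all"]
    if not alls:
        return ["SPF: no 'all' term, unlisted senders are not rejected unless a redirect= target does it"]
    # A bare 'all' carries the default '+' qualifier.
    qualifier = alls[0][0] if alls[0][0] in "+-~?" else "+"
    if qualifier == "+":
        return ["SPF: +all authorises every host on the internet"]
    if qualifier == "?":
        return ["SPF: ?all is neutral and protects nothing"]
    if qualifier == "~":
        return ["SPF: ~all only soft-fails; rely on DMARC to enforce"]
    return []

def audit_dmarc(dmarc_txt):
    """Findings for the TXT records published at _dmarc.<domain>."""
    recs = [r for r in dmarc_txt if r.strip().startswith("v=DMARC1")]
    if len(recs) != 1:
        return ["DMARC: expected exactly one v=DMARC1 record, found %d" % len(recs)]
    tags = parse_tags(recs[0])
    policy = tags.get("p", "").lower()
    findings = []
    if policy not in ("none", "quarantine", "reject"):
        findings.append("DMARC: missing or invalid p= tag")
    elif policy == "none":
        findings.append("DMARC: p=none only monitors, spoofed mail is still delivered")
    if tags.get("pct", "100") != "100":
        findings.append("DMARC: pct=%s applies the policy to only part of the mail" % tags["pct"])
    if "rua" not in tags:
        findings.append("DMARC: no rua= address, you will not receive aggregate reports")
    return findings

if __name__ == "__main__":
    weak_apex = ["google-site-verification=CONSTRUCTED", "v=spf1 include:_spf.example.net ?all"]
    weak_dmarc = ["v=DMARC1; p=none"]
    for line in audit_spf(weak_apex) + audit_dmarc(weak_dmarc):
        print(line)
```

DKIM is not covered here because its record lives under a selector name that only the sending mail system knows.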

dolcevita

5:48 pm on Oct 4, 2023 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



@chewy

"We had a project where no emails were getting through and we found we were on a blacklist.

Only after changing to a new domain did things clear up."


Are you sure? As far as I know, spam email blacklisting is not related to the domain but to the IP address.
I have never heard of a domain being blacklisted, when it comes to suspicious email traffic, instead of an IP address.

Regarding the specific DMARC/DKIM/SPF testing try:
[dmarcly.com...]

For DNS domain test with simple explanations, I prefer DNS tool from:
[ip-tracker.org...]
or
[intodns.com...]