Google keeps thinking part of my site is a phishing attack. The url doesn't exist on my site!, anyo

ne know what is going on or seen this type of thing happen to them?

It quotes the following ( the url is in a picture in the following link) as an example of one of my pages that might be a phishing attack, but the directories and files associated with this url don’t exist on my server.

This is the second time I’ve had one of these emails. Last time I had it I couldn’t make any sense of the ‘help’ that was included.

My ISP just told me to contact google. Yeah right. I’ll just email my pal Dave at the biggest company on the planet.

There is a ‘report mistaken phishing’ thingy tool, but the problem with that is it’s designed for a user to report one of their EXTANT links as not a phishing link… but the link google’s email quoted isn’t one of my valid links, so it would be like saying to google “this link which I didn’t make, and doesn’t exist, isn’t a phishing attack… please remove your flag of it as a phishing attack” which is obviously false.

How have you determined that the link isn’t on your site?

If you’d like to send me a private message with your web address I can take a look.

ETA: Google Webmaster Tools should also help. see here.

I logged in using filezilla, and there is no directory structure for the quoted link. If I take a risk and follow it (and disable the firefox warning) I get my isp’s standard 404 page.

Someone on google’s forums suggested that phishers sometimes put files/dirs on a website for a few days, then take them off again. They suggested getting my isp to check access logs. I’ll do that. I’ll also change passwords (despite how annoying it is to keep having to think of secure passwords that I am capable of remembering!)

I am not fussed about providing my general url here (not the one claimed to be phishing…I’ll pm that to you) - my website is

Ah, I misunderstood your image post. With you now.

This says you’re not listed as suspicious: Webmaster Tools should tell you more.

Aside, it looks like you’re running WordPress 3.0.1, which has some security issues. Please keep up to date.

the other thing that confuses me is that google also reports the website as safe…

simulpost :smiley:
will update wordpress as suggested (in fact I might just remove it - the blog is neglected)

Anyway, thanks for the help. I’ve changed my passwords (not without a lot of hassle! apparently I managed to include a character that the server couldn’t cope with)

I also cleaned the website’s files up a bit (removed a lot of old/unused/test/learning files/dirs) so that I have a better handle on what the website consists of (so harder for malicious code to hide from me)

I will remove or upgrade the blog ‘tomorrow’. (today, but after I’ve slept :smiley: )