I am so pissed. Thanks to the folks at phishcop.net and Michael from http://www.kaspersky.co.jp/, I was made aware of the fact that one of my directories had been hacked and was being used to run a phishing scam, designed to trick Wheels Fargo bank customers into updating their account. Complete and total bullshit. I know most people are well-informed about these scams and know not to fall for them, but there are always people who do fall for them for whatever reason. This means that it’s possible that some people came to that malicious page hosted by my site on server space that I’m paying for, entered their information and as a result are now in deep financial trouble. That pisses me off more than anything right now.
What if people think I’m behind it? I had no idea it was going on and I should have been more vigilant about securing my server. I tried to secure it but apparently it wasn’t good enough. Then when I first tried to go and delete the files, I didn’t have the permissions! Hello, it’s my server, shouldn’t I have the permission to delete f-ing files from my own server? I called tech support and the very helpful person on the phone told me that those assholes probably put php.ini files in another directory that took ownership away from me. So he deleted all of that crap off my server and now it’s all gone. I clicked the malicious link to make sure it was gone and Firefox warns me that the URL had been marked as a malicious site by users. It was just so surreal that to see MY site marked that way.
I sincerely hope that no one was scammed through that page on my site. How long has it been there? I have no idea. I had no idea it was happening. So is my site now on some web blacklist? I want to find the assholes who did this and give ’em a good whack in the face. I’m pissed off, it’s too early in the morning and I’m not happy about going back to class. Plus I’m just worried that someone might have been scammed on that page hosted by my site, and I had nothing to do with it. I am not a forgerer or a phisher, I promise!!!!
And thanks to those who alerted me about this problem, I really really appreciate it! And to people who were scammed due to my incompetence in securing my server, I am really sorry and I wish there was something I could do. Too bad there are so many assholes in this world who can’t get lives of their own and real jobs so they have to make money by dishonest means.
most people don’t (shouldn’t) fall for those stupid scams anyway
They used YOUR site? That’s horrible. What is wrong with those people, that they have to use someone else’s site to run their horrible schemes?? I mean, it’s just so, so sad. Good thing you caught it! I don’t think it would be your fault if someone got scammed. It would suck, yes, but it wouldn’t be your fault since you definitely can prove you weren’t behind it all.
Don’t worry about it too much. I doubt anybody was scammed. The bank trick is one of the oldest in the book. I can’t see who in their right mind would fall for it, given the amount of exposure it’s gotten over the last few years.