
Angela Miller
3,536 Points
Fraudulent phish website? So confused.
Hi! I'm still really new at this, but in the first course I took, "How to build a website" I was able to follow along and get a basic site online via namecheap/Webhostingforstudents. I mostly used the same code Nick taught us, and only tweaked a few things like color etc. Today I received the following email:
"Hello,
It has come to our attention that you are hosting a fraudulent “phish” web-site at the following URLs:
hXXp://theglitteredsoul.com/houseview/googledrive/index.php hXXp://theglitteredsoul.com/houseview/googledrive/
You are required to remove the site within next 24 hours in order to prevent any service interruption for theglitteredsoul.com domain. If the site is not removed within next 24 hours we may be forced to suspend access to this domain.
Regards, Julia L. Legal & Abuse Department Namecheap.com"
First of all, the links shown are not anything I recognize as being part of my code.
Is it possible I've already been hacked?
Now, where do I go to fix this? I'm thinking I need to get in to Webhostingforstudents, but I'm only seeing a place to sign up and not a place to sign in.
Can anyone guide or point me in the direction here?
Thank you.
4 Answers

Ted Sumner
Courses Plus Student 17,967 Points
The early code is not intended for live sites as they have not added the safety code that prevents common attacks for forms and other elements. I am interested if you could post the code as it is now here to see what was done.

Nick Pettit
Treehouse Teacher
Hi Angela Miller,
I would email your hosting company. This could be a variety of issues; someone might be trying to phish for your information, or perhaps your site was somehow hacked. In the case of HTML and CSS, there are generally no security features to enable; it's simply a declarative document with some information inside of it. The security vectors for a static website typically all reside with the web host, so if (and that is if) your site did indeed get hacked, that's probably where it happened.

Ted Sumner
Courses Plus Student 17,967 Points
What if there is form content? I thought there was an issue with inserting code into forms that would cause some serious problems.

Nick Pettit
Treehouse Teacher
Theodore Sumner - Forms can be a potential security vector, but only if the form is actually submitting somewhere that data is being processed (like a PHP/Ruby/Python/.NET script). If you're just writing HTML/CSS without a backend or a database, there's generally no harm that can be done.

Ted Sumner
Courses Plus Student 17,967 Points
Thank you. I learned about the problem in the PHP course. I assumed it was an issue with forms as a whole.

Angela Miller
3,536 Points
Thank you for getting back to me. Getting an email from a legal department is a scary thing and I panicked. After I got your response, I went to my confirmation email from the hosting company and got my info to log in to the cPanel of my domain. I saw a few files that I did not recognize which had a modification date of yesterday, and I hadn't touched anything since launching it several days ago. Because I'm still trying to get a basic grasp on what I'm doing here, and was in a panic, I started deleting them, and in doing that I accidentally killed my entire site somehow. Awesome lol. On one hand, it's probably a good thing that I'm having issues early on, so I may learn to fix them, but on the other hand I feel extremely lost now. Is there a course that you recommend that might help me address/fix whatever I just did?
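
An added example, not part of the original thread or any poster's code: rather than deleting unfamiliar files by hand, a script can list what changed after launch and move it aside for review, so the original files stay in place. The `public_html` web root, the launch time and the list of static file extensions are assumptions, and the sample site is constructed.

```python
import os
import shutil
import tempfile
import time
from pathlib import Path

# Assumption: the site is static, so these are the only file types expected.
STATIC_EXTS = {".html", ".css", ".js", ".png", ".jpg", ".gif", ".ico", ".txt"}

def triage(webroot, deployed_at):
    """Return [(relative_path, reasons)] for files worth a closer look."""
    root = Path(webroot)
    findings = []
    for path in sorted(root.rglob("*")):
        if not path.is_file():
            continue
        reasons = []
        if path.stat().st_mtime > deployed_at:
            reasons.append("modified after deployment")
        if path.suffix.lower() not in STATIC_EXTS:
            reasons.append("unexpected file type for a static site")
        if reasons:
            findings.append((path.relative_to(root).as_posix(), reasons))
    return findings

def quarantine(webroot, findings, dest):
    """Move flagged files out of the web root, keeping their relative paths."""
    for rel, _ in findings:
        target = Path(dest) / rel
        target.parent.mkdir(parents=True, exist_ok=True)
        shutil.move(str(Path(webroot) / rel), str(target))

def build_sample_site(base, deployed_at):
    """Constructed sample: two original files plus one planted a day later."""
    site = Path(base) / "public_html"  # assumed web root name
    for rel, age in [("index.html", -3600), ("css/main.css", -3600),
                     ("houseview/googledrive/index.php", 86400)]:
        f = site / rel
        f.parent.mkdir(parents=True, exist_ok=True)
        f.write_text("constructed sample\n")
        os.utime(f, (deployed_at + age, deployed_at + age))
    return site

if __name__ == "__main__":
    deployed = time.time() - 5 * 86400  # hypothetical launch, five days ago
    with tempfile.TemporaryDirectory() as tmp:
        site = build_sample_site(tmp, deployed)
        found = triage(site, deployed)
        for rel, reasons in found:
            print(rel, "->", "; ".join(reasons))
        quarantine(site, found, Path(tmp) / "quarantine")
```

The quarantine directory should sit outside the web root so the moved files are no longer served.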

Angela Miller
3,536 Points
UPDATE- Webhostingforstudents got back to me and said that it DID appear I had been hacked, and that they recommended that they wipe my account and provide me with new login credentials. They asked if I had a backup of my files to upload, but I told them it honestly didn't matter because I'd rather start from scratch now that I had a few more courses under my belt anyhow. Whew, I'm in legal compliance again. Thanks for directing me to the host!