On 7/3/09, Petros Kolyvas pk@shiftfocus.ca wrote:
To be clear, the owner of the phished brand usually makes very thorough efforts to contact the site owner or web host to let them know about it and to ask them to correct the problem.
If you've been reading the discussion, you'll know that's not the case in this case - and further points that our site was never used for any phishing.
That's not correct. The site reportedly appeared in phishing messages.
Our host even claimed that: The domain is not directly hosting the phishing attack. Due to the fact that the server is running UserDir functionality, other user accounts can be accessed through the / ~username path. My ISP has confirmed that the UserDir functionality will be removed from all server within 48 hours.
Translation: your site was used for phishing, with a name like www.mydomain.com/~username
Your host is trying to tell you exactly that.