On 7/2/09, Petros Kolyvas pk@shiftfocus.ca wrote:
- Since we were not notified of being added (again my main point
contention,) no action could be taken to remedy the situation if there was, in fact, something we could do to secure the site.
To be clear, the owner of the phished brand usually makes very thorough efforts to contact the site owner or web host to let them know about it and to ask them to correct the problem.
Our host even claimed that: The domain is not directly hosting the phishing attack. Due to the fact that the server is running UserDir functionality, other user accounts can be accessed through the / ~username path. My ISP has confirmed that the UserDir functionality will be removed from all server within 48 hours."
Which doesn't answer any of these probably important questions:
1. How was the server cracked? 2. How was the server fixed? 3. Is the phishing site down or still up? 4. Is the server now secure?
It would probably help to have answers to these questions.