An email sent to us informing that our site is hosting a fraudulent phishing

July 21, 2014 1.1k views


I would like to ask for help on resolving an issue that have happened on our site awhile ago the issue that we have encountered goes like this:

Last week our client have found out that the site logo and social media icons were missing so we've tried to check the server and found out that the files were missing this happened around July 14. After that we've changed the root password for the ftp and ssh access, the database server password and since were using joomla we advice all our administrators to change their passwords just to be sure. Last july 18, we received an email from the system saying that a possible fraudulent phish have possibly get into our site with links on it, we tried to access the link and it was not existing anymore. We checked our server whether folders and files were added but it wasn't there anymore.

Were really having a hard time tracing the real cause of the issue, we have updated our version of joomla to Joomla 2.5.22, but when we receive the email last July 18 we weren't sure if the update was able to fix the problem already or we were able to bypass something that doesn't solve the real root of the issue. Please help us about this issue. I'm not really that good when it comes to server settings and system administration, and focuses more of the coding side of the site. I hope someone expert from your team would able to assist us about this problem.



1 Answer

I believe there would be no help from DO team here just because:

1) lack of information provided;
2) they don't have access to your system to look into your code;
3) even if they had it, this case is FAR beyond their responsibility.

So I may only suggest to hire a security specialist
or learn some security by yourself in case if u're low on budget.

Some free hints for ya:

1) disable root account;
2) stop using ftp NOW and switch to sftp;
3) switch to key authentication;
4) don't use joomla;
5) learn materiel.

Hope it helps.

Have another answer? Share your knowledge.