You have reached this page because we disabled a fraudulent website that was on our network. We have removed the page and replaced it with this information about phishing.

"Phishing is an attempt to criminally and fraudulently acquire sensitive information, such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication. eBay, PayPal and online banks are common targets. Phishing is typically carried out by email or instant messaging, and often directs users to enter details at a website, although phone contact has also been used. Phishing is an example of social engineering techniques used to fool users. Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical measures." ~Wikipedia

What is this? I clicked on a link in an email to access my account information and now I am lost.

You have reached this page because the link you followed was associated with a "phishing" scam found on our network. This scam has been disabled and the company associated with the scam has been notified with all appropriate logs so they can pursue the matter further.

Scam? Was my account information compromised? Should I contact my bank?

If you submitted any private information to this page before it was disabled, you should contact your appropriate banks and account vendors as soon as possible and notify them of the incident. They can assist you with ensuring your account info can be secured to prevent it from being used maliciously.

Wait a second! Why should I trust you? You could be the scammer!

We sincerely apologize, but we are not the bad guys. We too, are a victim of the fraud trend known as "phishing". Malicious third parties will attempt to gain unauthorized access to computer systems to host scam/fraud sites in order to steal money, and to facilitate identify theft.

Why are you telling me this? What does your company get out of this?

Well, we are the victims too. Our system was abused in order for a third party to perform malicious actions. As a datacenter, we do not want such activities on our network. We wish harm to nobody, and we also want what a vast majority of the internet does; to bring the malicious parties to justice where they can bear the full penalty that their respective law system will enforce. We have redirected you to this page in order to help educate you to avoid falling for such tactics. If the scams did not work, there would be very little motivation for attackers to setup such scams in the first place!

I am the owner of domain which was used to host this scam! What should I do?

Please contact the Abuse and Security department of your service provider. They will be able to assist you with removing the security hole which caused the scam to present itself, and provide tips for keeping your site secure in the future.

How do I avoid these types of scams as a consumer?

Phishers employ many tactics to trick innocent parties into releasing private information. The most effective tactics employed by these scammers is a combination of HTML tricks within email messages, and social engineering. They often notify you that your account has been disabled, or there is a problem with your account, and you need to provide them with personal information in order to fix the problem. They also conveniently provide a link to click on which looks like the domain name of the account vendor which they are masquerading as. The first line of defense is skepticism. Consider it logically. No company will notify you of a billing issue via email, and request your social security number, credit card info, or PIN number. The vast majority of businesses understand the privacy concerns of giving out such information. Verification of your identity usually consists of multiple, less invasive personal identifiers, such as a certain set of your account numbers, or a secret password you setup with the company upon signup. Birthdays, and addresses may also be used. This is done so that consumers will feel more willing to provide such identifiers, without feeling like they are giving away their complete identity. And in the vast majority of these cases, it is done via a telephone call.

Where can I find further resources about "phishing" and how to avoid it?

Antiphishing.org

Microsoft's Phishing Article

FDIC Consumer Alerts

Netcraft Toolbar

Firefox and Safe-Browsing Guide

Latest Security News from secunia.com: