It has been brought to our attention that you’re hosting a phishing webpage on your service ip-184.108.40.206/28.
A malicious person has probably taken control of all or part of your website, and injected this page without your knowledge.
This kind of webpage is made to steal personal information from victims by impersonating well-known legitimage websites (such as banks, e-commerce websites or others).
If you’re using a content manager system (aka «CMS») on your shared hosting offer or on your server, such as WordPress, Joomla or Drupal, check that it’s being maintained up to date at all times. This kind of software is widely used on Internet which is why it’s often targeted when hackers are trying to take control of a website such as yours. Please also verify that any plugins that you may have installed are also up to date, and avoid any unofficial plugin, as those have a higher chance of being malicious or not seriously maintained.
Below is the list of URLs pointing to the phishing webpage you’re hosting :
It is possible that some of those URLs are not accessible right now, because our anti-phishing system might have been activated, protecting victims of this type of fraud, while you’re working to fix the problem.
We made screenshots of those URLs, they are available here :
* http://screenshots.abuse.ovh.net/1gJiC4-4FWgnVD-ZBJ7RVaKKhOwQccw27LyU — (date : 2018-11-05 — url : http://users35.gco.pw)
Please delete these phishing webpages and secure your service (CMS update, system update, password change) to ensure it cannot be hacked again.
When you have fixed the problem, please answer to this e-mail address.
The OVH Abuse team.