My website is wirten in Joomla. The provider turned it off saying it has been phished.
REQUIRES PHILIPPINES PROXY TO VIEW
IP Address: 178.32.141.220
Phishing Content:
hxxps://www .officinadelle11 .it /portal/onlinebanking/verify_success.php
hxxps://www .officinadelle11 .it /portal/onlinebanking/sign-in/index.php
Brand Phished: Bank of Philippine Islands (BPI Express Online)
Legitimate Brand URL's:
http://bpi.com.ph
http://bpidirect.com
http://bpiexpressonline.com
http://expressnet.ph
https://beta.bpiexpressonline.com
http://bpiautoloans.com
http://bpiautomadness.com
http://bpihousingloans.com
http://bpiloans.com
http://bpipersonalloans.com
http://kanegosyo.com.ph
http://kanegosyo.com
http://bpicard.ph
http://bpithrills.ph
http://bpitravel.ph
http://bpiunlock.ph
I checked the FTP space and surprisingly there two files I never uploaded: one is called alex.php and another is a php class for unzip. The alex.php is really a submission form with translations in russian. I aske myself: how is possible to upload files to my FTP space? The credentials are very strong...