Find your diamond
Find your jewelry
shape
carat
color
clarity

How is a website hijacked?

Status
Not open for further replies. Please create a new topic or request for this thread to be opened.
Tacori E-ring

Tacori E-ring

Super_Ideal_Rock
Joined
Aug 15, 2005
Messages
20,041
I have a question for all our web/IT experts...how is a website hijacked? My business website has apparently been hijacked. When I pull it up it looks normal to me but a web guy said it is layered
33.gif
I guess it shows a company selling drugs out of Mexico
38.gif
To make it worse they are sending e-mails from our site with random names. I know b/c I get a ton of them returned. Then to add to the weirdness I am getting some bounced back to my hotmail account. I am pretty sure there is nothing linked between them (like messages forwarded). Anyways, just wanted to see if anyone had any insight...TIA!
 
I have no insight for you, but I hope it gets fixed. Someone hacked into the email system at work and is sending out spam (ie. viagra emails and the like) under MY email ID somehow, and I am getting all the bounced messages. It''s really irritating. I changed passwords, and asked that my email account be shut down and issue me a new one, and they said that there need to be extenuating circumstances to change someone''s ID. I go, ''well, wouldn''t this fall under that?'' and they actually said NO! It''s really infuriating.
38.gif
 
FG, that sounds more like a virus than a true hijacking. We get those occasionally and that''s how it plays out. To make it worse, it may not even be on YOUR machine, but just somebody who has you in their contact list. OR it could be an email spoofing which also happens a lot. Also not really a reason to change your id. They''ll move on, eventually.

Tacori - have you googled for info? I''m sure there are some expert sites on this somewhere. That sounds like a HUGE issue! good luck!
 
There are dozens of different ways.
You need too notify your hosting company and have them look into that server right away.

The emails might just be a virus on someones machine but the different website unless its the person who sent you that email is the one with the virus is an issue to take up with your hosting company.
There is a good chance that the person who told you about the hijack is infected with a virus and its just his computer but have your hosting company check asap!!!
 
FG, I can''t believe they didn''t think that deserved a new ID?!?

Sum, thanks. I didn''t even think to google it.

Storm, the strange thing is we DID change hosting companies after we found out. When I switched I told them about the hijack and they said it wasn''t their fault.
33.gif
 
Yikes Tacori, call your hosting company asap. When a website is truly hijacked, your site DNS servers have your web domain set to a totally different IP address, so folks will see a different site when they go to your web address. Just call your hosting company and explain that your customers are getting sent to another site.

As far as sending emails from your domain, that can happen many different ways, most of which are your hosting companies fault! If your host allows mail to be sent from their smtp server without verification, spammers can simply use your domain easy as pie.

I''m a computer security consultant by day, so if you need any more advice/or to take a look, let me know. Good luck!
 
Date: 12/18/2007 10:36:46 PM
Author: *Lindsey*
Yikes Tacori, call your hosting company asap. When a website is truly hijacked, your site DNS servers have your web domain set to a totally different IP address, so folks will see a different site when they go to your web address. Just call your hosting company and explain that your customers are getting sent to another site.


As far as sending emails from your domain, that can happen many different ways, most of which are your hosting companies fault! If your host allows mail to be sent from their smtp server without verification, spammers can simply use your domain easy as pie.


I''m a computer security consultant by day, so if you need any more advice/or to take a look, let me know. Good luck!
Click to expand...

Thanks Lindsey! How come when I type in the address it looks normal?
 
Could be a couple of things. First of all, how many people see the drug company instead of your page? If it''s only one person, it''s their computer that''s hosed, not your site. If your DNS servers really have been messed with, then you likely are looking at a cached version of your web page since you probably visit it frequently.
 
Status
Not open for further replies. Please create a new topic or request for this thread to be opened.
GET 3 FREE HCA RESULTS JOIN THE FORUM. ASK FOR HELP
Jewelry Blog
PriceScope-Concierge-Ad
Find prime cuts.
Top