Phishing is a malicious operation executed by hackers in hopes of making a quick buck. It starts with hacking a website then using the site’s resources to send emails with deceptive messages. The purpose of these messages is to dupe people into sharing sensitive information like credit card info. A common example is a phishing email that will be sent to someone’s inbox prompting them to click a link and open a website. The site will be a hoax version of a trusted site like a banking site.
Phishing attacks used to be carried out on a large scale. Attackers would target a large number of people by sending them emails hoping that someone will take the bait. But today email service providers like Gmail have good anti-phishing measures in place. That is bad news for your website because it is being blocked by email service providers.
Hackers use compromised websites to send hundreds and thousands of spam emails for phishing purposes. Email providers take strict against such websites. Your website can be blacklisted by Google. Your domain can be marked as dangerous by spam watchdog services like Spamhaus, your web host may suspend your site. In most cases, site owners are unaware that their website is being exploited until it’s too late.
A typical phishing website will have the following characteristics: