Phishing site uses subdomain that I never registered
- by gotgenes
I recently received the following message from Google Webmaster Tools:
Dear site owner or webmaster of http://gotgenes.com/,
[...]
Below are one or more example URLs on your site which may be part of a
phishing attack:
http://repair.gotgenes.com/~elmsa/.your-account.php
[...]
What I don't understand is that I never had a subdomain repair.gotgenes.com, but visiting it in the web browser gives an actual My DNS is FreeDNS, which does not list a repair subdomain. My domain name is registered with GoDaddy, and the nameservers are correctly set to NS1.AFRAID.ORG, NS2.AFRAID.ORG, NS3.AFRAID.ORG, and NS4.AFRAID.ORG.
I have the following questions:
Where is repair.gotgenes.com actually registered?
How was it registered?
What action can I take to have it removed from DNSs?
How can I prevent this from happening in the future?
This is pretty disconcerting; I feel like my domain has been hijacked. Any help would be much appreciated.