Today my site was attacked by a spammer and it went into phishing site. I had just discovered from google analytics why my WordPress blog doesn’t have any visitors. First I thought that the server was down, but once I knew the message on my site I was stunned.
Firefox don’t allow at-least to browse my site, every time it ask to me whether to proceed or not. I have checked webmaster tools and their I found malicious code, which is on my site. It’s easy to remove this malicious code form your site since webmaster tool show what was wrong with my site.
How I removed the Malware code from my site?
These attackers mainly inserts the code in footer templates or header template file. First open your site in opera view the source code exactly match in the report of webmaster tools now find it in your theme and remove that code from your site.
Why do this happen?
This will happen due to more security issues where you are hosting. most will be happen on free hosts or your password has been stolen, or your password density is too low.
Recommendations to avoid these warnings:
Update your CMS to the latest version.
Change your password of CMS and Webhosting too.
Finally resubmit your appeal on google webmaster tools tha you have fixed and removed the codes etc.