To fight effectively against Phishing hosted by our \"customers\" or by hackers on the websites of our customers, we have developed a monitoring system alerts Phishing linked to several sources that detect it (Google, Netcraft etc) .
Since this week when there is a new Phishing alert hosted on our network, we will automatically send an incident ticket to the customer. And when it comes to shared hosting , we block the pages.
The customer is prompted to remove these pages within 1H .
Indeed, in the case of Phishing what matters is speed.
Since the beginning of the week, we sent more than 4,000 alerts to customers and very few pages have been removed.
So in 2-3 weeks, we will check after 1 hour if the page still exists.
If the customer do not remove the Phishing page , we will block port 80 and 443 of the IP on which the Phishing page is hosted (we can not make it smooth and even if we know how it would not push the customer to remove his Phishing page ..)
The customer may request to unblock it.
At that time,we will check if the pages have been removed and we will immediately unblock the IP.