There are few frequently possible website infections. In the most of the cases the main site page is replaced (compromised) with another one, uploaded by a hacker. There are also specialized hackers who upload whole programs to the website, in order to take the website’s domain and look for big security holes.
This is most likely a result of a compromised and not fully updated application, site, exploitable php scripts, etc, which can be used by the attacker (most of the time an automated spider). You can check the following tool to see if your website is being currently reported by 3rd parties as phishing or containing malware: https://sitecheck.sucuri.net/
Important note: all websites are prone to attacks.
Most of our clients are using more than one application and/or 3rd party's software. In these cases knowledge is required about how to avoid attacker attempts.
Here are some useful tips!
* Regular update of each application
* Regular changing of passwords /control panel, ftp, email /
* Regular reviewing and investigating for malicious content. /highly recommended/
If you are currently using WordPress platform, please review the following article as well:
We highly recommend that you review the following WordPress security tools!