What is a 'Phishing website'?

A Phishing website is the attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, banks, online payment processors or IT administrators are commonly used to lure unsuspecting public. Phishing emails may contain links to websites that are infected with malware.

Why would this be bad?

A Phishing website is usually the result of a comprimised website or comprimised user credentials of that website.

When your website is compromised, not only your website contains changes done by hackers but it also contains one or more security problems that allowed a hacker to gain access to your website in the first place. The compromised website provides a useful platform for a range of illicit activities.

Recommended action

If your site has been hacked or infected with malware, you should act quickly to repair the damage. First take your entire website offline first. This is pretty impopulair, however if you consider the fact your might be leaking privacy information or infecting the systems of your visitors you want to act as quickly as possible.

After you closed your website you will need to clean up the changed area's of your website.

Tips how to resolve this matter

The safest way to clean the hacked website is to delete it entirely and then upload a known clean version of it.

In addition future risk of compromise can be reduced by following these basic tips:

Getting more information

Google's help for webmasters of hacked websites
stopbadware.org has great information, and their forums have a number of helpful and knowledgeable volunteers who may be able to help.
The site antiphishing.org has recommendations on dealing with hacked sites.