I had a rather disturbing email from Google a few days ago. They reported a URL on my web site that was being used for phishing. Sure enough when I loaded it there was a fake PayPal login page.
The page was on the mail.world3.net subdomain. This subdomain is set up automatically by kNet and I don’t have any access to it. I can’t delete it, can’t access the files on it via FTP or any other means, can’t control it in any way. I changed my passwords anyway, but was unable to do anything about the page. Naturally I contacted kNet immediately.
Unfortunately by the time kNet looked the page had been removed and in a panic I forgot to take a screenshot. They seemed sceptical and refused to acknowledge that the hack couldn’t have been using my credentials. After all, I have no access to the mail.world3.net subdomain. kNet seem to be in denial… But what other explanation is there?