It appears that somebody installed a phishing page content on one of my domains

it only had a single html page so there was no cms-based attack vector.

Hacked ftp account or is this bleed-over from another shared hosting account?

Google+: View post on Google+

.