It appears that somebody installed a phishing page content on one of my domains
it only had a single html page so there was no cms-based attack vector. Hacked ftp account or is this bleed-over from another shared hosting account? Google+: View post on Google+ .