It seems the integrity of my webserver has been compromised. Through an open and unsecured port someone was able to upload a folder into my root directory to run phishing scams from my server. My ISP noticed and stopped it’s services for all of last night and this morning.
It looks like someone uploaded the files on Wednesday night, so it didn’t go on for too long. I’ve managed to close up that unsecured port, deleted all that crap they uploaded on my server, and re-permissioned all my files and folder. It’s all clean now and my files have been checked for any type of tampering. Hopefully it prevents them from easily doing again.
I’m bummed out that this happened. I’m going to take measures to make my site more secure, but if it happens again I may have to host my site at a co-lo. For all you webmasters out there; keep an eye on your stuff.