75.8% of the phishing sites analyzed (2486 sites) were hosted on compromised web servers to which the phishers obtained access through Google hacking techniques (search engine reconnaissance) The research also indicates that not only are legitimate sites (unknowingly) providing hosting services to scammers, but also that 19% of vulnerable sites that they ve analyzed were recompromised within six months. The bottom line if you don t take care of your web application based vulnerabilities, someone else will.
Source: https://threatpost.com/76-phishing-sites-hosted-hacked-servers-022609/72374/