Hacked
-
For about 6 months now and about once a month, my blog sends out a spam post with a spam link. It post to my blog and sends to my email and at one time sent to anyone on my email contact list. I have since deleted contacts. In thinking this might be a Yahoo problem, I followed their instructions to look up the IP address to contact the provider to report the problem. The provider is Automattic which I now know is or is related to WordPress. However, when I went to the Automattic site, and submitted the URL as sending spam, the site said this was not a WordPress address. Please advise, as this has been going on far too long and I really need this to stop.
The blog I need help with is: (visible only to logged in users)
-
If I understand correctly:
1. Someone has hacked into your account and is posting a SPAM post which contains a SPAM link? Correct?
2. You then tried to report the issue to Automattic (the parent company of WordPress) by sending them your site’s URL which would be mizdanger911.wordpress.com? Correct?
3. Auttomattic then reported back that your site: mizdanger911.wordpress.com was not WordPress site? Correct?
4. You are the only one with access to the site?If someone is hacking into your account one option might be to change your password. If you changed your password was the account still hacked?
-
Thanks for your speedy reply. The URL I reported was: smtp1.dfw.wordpress.com, which I got from the header of the spam email. The site told me this was not a WordPress site. I have changed my password numerous times. It almost seems as though each time I access my PC from home rather than my tablet this happens. I will be happy to give you the full header info or forward you the spam email. I have also saved all the spam email and spam posts.
Many Thanks !!!
-
Couple things:
1. You might consider running virus scanners on your PC. Perhaps there is a key-logger running.
2. Consider:
A. Updating your browser (new updated browsers will likely have less security problems) using this site: http://www.browsehappy.com
B. Updating or turning off or removing or reinstalling your browser plugins/extensions.I will tag this for moderators to look at. Be patient as it may take 24 hours for staff to get to it . Make sure you subscribe to the post at the bottom.
-
pardon some duplication below
The only “hacked” sites I have seen here have been people getting the password somehow to a site so you do want to be careful how you log in and use a tough password.
You should also check to make sure that someone has not added a new user to your site. Problems have also happened when there was more than one Admin. and an Admin left on less than graceful terms.
Dashboard >> Users
Many times a users email is hacked or the password guessed and the email account is used to get access by requesting a password reset – you need to change your email password and make sure they nobody has been added to your email account.
You should also run a virus check on you PC to make sure your PC does not have a security issue that has compromised your email or WordPress.COM log-in information (also your bank etc. if you do online banking or retirement accounts)
There have also been a few Posts on “hacked” sites and it was because someone got the Post by Email address and using the Post by Email to send in new Posts, if you have Post by email disable the Post by Email and regenerate the address. Spammers have scripts the generate email addresses and they sometimes can get a valid address for a Post by Email address.
If you are really concerned you could as the staff to look at your site: http://en.support.wordpress.com/contact/
You could also use a secure log-in in case you are on an unsecured link: http://en.support.wordpress.com/https/
also you can enable the two step log-in
What’s the URL of the blog? And how many admins are there?
-
@pcosta88 Yes, that would be great if you would tag this for the moderators to look at. Thank you. I keep finding virus and malware on my PC. Maybe I will update and/or uninstall/reinstall my browsers. Luckily, I have had no issue with bank account or credit card sites, which I do also use on my home PC. Thanks for the tip.
@auxclass I have changed both my email and WP passwords several times. I am the only admin on my site. In fact, it is a private site that I only use to air my personal thoughts. I have the site set at private so a log-in is needed to gain access. However, I did check on the post by email setting, which I think I used once or twice but probably 2 years ago. It was disaled, but I deleted the post by email address and did not regenerate it, so there is now nothing shown and it remains disabled. Thanks for the tip. And here’s the thing too. Until recently, I would log-in by going to (email visible only to moderators and staff). I never, ever realized this site is not secure. WOW, that blew me away. So now I log in only from wordpress.com and always make sure the site is https and the lock is shown. Thanks for the link to contact support. What I just said is shown there LOL !!! I can’t believe I never noticed that.
-
@auxclass — THANKS for suggesting a 2-step login. I set that up. Since I have a windows phone, it works via SMS and it works BEAUTIFULLY !!! I was concerned about the unsecure site login. However, I tried to login from that vantage point and a verification was still needed. AWESOME !!! Thanks again !!! Hopefully, that will put an end to spam being send from my blog.
-
-
Sorry the delay! Are you still having trouble with this, and do you have Post by Email enabled?
-
staff-blorbo It was not enabled. But Saturday I deleted the email addy, disabled again and did not regenerate. Weird thing is that I always seem to have an issue whenever I access email — not my blog, but email — from my home PC. I did access email from my desktop yesterday, but not yet today. Will try later and hope the issue has been resolved. Thanks for your input. I’ll keep you posted.
-
Excellent, don’t forget to do an anti-virus scan too, especially if this happens every time you access your email.
-
-
- The topic ‘Hacked’ is closed to new replies.
WordPress.com Forums 