Malware link issue

joanasjewelry · Member · Aug 11, 2015 at 3:35 pm
Copy link

Add topic to favorites
I’ve been blogging on WordPress.com for about 7 years. I also subscribe to my own blog so that I can double check that my posts are being sent out correctly. Today the email version of my blog post (from last night) arrived in my gmail spam folder with a warning saying “this site contains links infected with malware.”

How do I identify the infected links and remove them.

Thank you so much!
Joana

The blog I need help with is: (visible only to logged in users)
thistimethisspace · Member · Aug 11, 2015 at 7:32 pm
Copy link
See here please https://en.forums.wordpress.com/topic/redirecting-to-subdomains-and-ssl-certificates?replies=3#post-2434939
thistimethisspace · Member · Aug 11, 2015 at 7:35 pm
Copy link
Please see here as well http://en.support.wordpress.com/https/#frequently-asked-questions

You can run a free malware check anytime at this link
https://sitecheck.sucuri.net/

Enter a URL (ex. sucuri.net) and the Sucuri SiteCheck scanner will check the website for known malware, blacklisting status, website errors, and out-of-date software.

You can also use this free Google Safe Browsing site diagnostic at anytime http://google.com/safebrowsing/diagnostic?site=http://atalentfordesign.com/
thistimethisspace · Member · Aug 11, 2015 at 7:36 pm
Copy link
How do I identify the infected links and remove them.

The most common cause of a malware link embed issue is hotlinking to images that you do not have permission to use.
joanasjewelry · Member · Aug 11, 2015 at 8:23 pm
Copy link
Thank you for the replies and for the links above. To my knowledge, I have never hotlinked to an image. The Google Safe Browsing site showed no malware on my site, and a scan with sitecheck.sucuri.net also showed no malware or other suspicious activity. Would these scans turn up any issues with hotlinking?

Is there anything else I can do to investigate the malware link message I received yesterday?

Thank you,
Joana
thistimethisspace · Member · Aug 11, 2015 at 8:26 pm
Copy link
Would these scans turn up any issues with hotlinking?

if it was no permitted the answer is yes.

The good news is both security checks demonstrate you do not have a malware issue on the blog. Blog on!
joanasjewelry · Member · Aug 11, 2015 at 10:18 pm
Copy link
Thanks! Hopefully the odd email I got this morning was just a fluke.

All best wishes,
Joana
thistimethisspace · Member · Aug 11, 2015 at 10:20 pm
Copy link
I think it probably refereed to a security certificate warning. That’s why I posted these above:
https://en.forums.wordpress.com/topic/redirecting-to-subdomains-and-ssl-certificates?replies=3#post-2434939
http://en.support.wordpress.com/https/#frequently-asked-questions
joanasjewelry · Member · Aug 12, 2015 at 9:13 pm
Copy link
Today I got another gmail email alert (something akin to…”this site links to places with malware”) for an email that came from an outside source – my alma mater – so I figure that the problem is indeed with a security certificate.

Following the links you provided, I added *wordpress.com to the “trusted sites” list and also changed the correct radio button to “enable” as per the last step of the instructions.

However, I did this all in Internet Explorer because there were only Mac instructions for how to do it in Chrome. I use Chrome as my browser but have a PC. Any suggestions?

Thank you!
Joana
thistimethisspace · Member · Aug 12, 2015 at 9:20 pm
Copy link
Please type modlook into the sidebar tags on this thread for Staff help. How do I get a Moderator/Staff reply for my question? https://en.support.wordpress.com/getting-help-in-the-forums/#how-do-i-get-a-moderatorstaff-reply-for-my-question Then please subscribe to this thread so you are notified when they respond. To subscribe look in the sidebar of this thread, find the subscribe to topics link and click it.
joanasjewelry · Member · Aug 23, 2015 at 10:06 pm
Copy link
Still stumped…
Last week I wrote regarding the concern above (my gmail account is now flagging emails from my own blog posts as possibly coming from “a site that links to malware.”) In the meantime, I had a computer technician work on my computer (there actually were some viruses on my computer) and I have a completely cleaned system now.
When I showed the technician the email, he looked at the “send to”/ “reply to” fields in the email and pointed out the address in the “reply to” field contains a virus. This is the address: (email visible only to moderators and staff)

Meanwhile, in addition to again running the Sucuri Site Check and Google Safe Browsing malware scans on my site, I had my domain hoster (iPage) do a scan of my site. Again, all of these scans showed my site to be free of malware.

Is the “reply to” address (see above) being generated by my site/Wordpress in fact compromised, and if so how do I fix this issue?

Thank you!
Joana
joanasjewelry · Member · Aug 23, 2015 at 10:14 pm
Copy link
I see that the email address in question was redacted in my question above. The email starts with “comment+” followed by a long string of characters and numbers. It is the long series of characters and numbers that my technician says point to the address as being a virus.
rachelmcr · Member · Aug 24, 2015 at 11:24 am
Copy link
Hi Joana,

That reply-to email address is correct — that email address makes sure any email replies are posted as comments on that blog post from your blog. That isn’t a virus, and your site hasn’t been compromised. :)
joanasjewelry · Member · Aug 24, 2015 at 2:12 pm
Copy link
Hi Rachelmcr,

Thank you so much for letting me know. It’s a relief to finally get to the bottom of this “suspicious email” issue and know that everything is ok with my site.

With all best wishes,
Joana

No items found.