Possibly Hacked

  • Unknown's avatar
    zimf · Member ·

    I believe that my blog may have been hacked; there have been three posts now linking to a fake/advertisement site that I have no idea where they came from. I have deleted the posts but I still have screenshots. When I went to the Settings page to try to change my password or enable two-step authentication, there was nothing in the box! The most curious thing of all was that each of the strange posts was signed off by my friend’s email, but she never sent such a thing (we even checked the sent mail). Besides, we are very close, and I know she would never do such a thing. I have no idea what is going on. I am very worried and I would really appreciate some support or ideas on what is happening!

    The blog I need help with is: (visible only to logged in users)

  • Unknown's avatar
    auxclass · Member ·

    The only “hacked” sites I have seen here have been people getting the password somehow to a site so you do want to be careful how you log in and use a tough password.

    You should also check to make sure that someone has not added a new user to your site. Problems have also happened when there was more than one Admin. and an Admin left on less than graceful terms.

    Dashboard >> Users

    Many times a users email is hacked or the password guessed and the email account is used to get access by requesting a password reset – you need to change your email password and make sure they nobody has been added to your email account.

    You should also run a virus check on you PC to make sure your PC does not have a security issue that has compromised your email or WordPress.COM log-in information (also your bank etc. if you do online banking or retirement accounts)

    There have also been a few Posts on “hacked” sites and it was because someone got the Post by Email address and using the Post by Email to send in new Posts, if you have Post by email disable the Post by Email and regenerate the address. Spammers have scripts the generate email addresses and they sometimes can get a valid address for a Post by Email address.

    If you are really concerned you could as the staff to look at your site: http://en.support.wordpress.com/contact/

    You could also use a secure log-in in case you are on an unsecured link: http://en.support.wordpress.com/https/

    I will also flag this for staff attention

  • Unknown's avatar
    jackiedana · Member ·

    It looks like you have enabled Post by Email for your blog. That generates a secret email address that you can use to send email that will post to your blog.

    At some point your friend must have received an email with that address and added it to their contact list.

    I have deleted the email address now, so your friend cannot post to your blog again. If you wish to re-enable it with a new address you can do so at http://thedubblebubble.wordpress.com/wp-admin/index.php?page=my-blogs

  • Unknown's avatar
    raincoaster · Member ·

    If your friend’s email was hacked (or spoofed) then this may account for her not knowing what happened. You should BOTH change your email passwords right away.

  • The topic ‘Possibly Hacked’ is closed to new replies.