Something's phishy…
-
Good morning,
I’m writing to share what I believe is suspicious activity on WordPress.
When I’m logged into my WP account and I try to post a comment on prstar.wordpress (dot) com, I get an error message telling me I’m logged is as (email visible only to moderators and staff).
As admin for andvertising (dot ) com, I know there is no valid email account for such a person b/c no such person works here.
Here are my questions:
– Has my account been hacked?
– Has prstar.wordpress been hacked?
– Is this a phishing scam?Sincerely,
David Wojdyla
The blog I need help with is: (visible only to logged in users)
-
Hi David,
There isn’t much information which I can provide you for security reasons other than to confirm that there is such a user registered at WordPress.com. Other than the domain name being the same as your site’s, they don’t appear to be linked to either of your sites which you mentioned.
We have previously run in to similar situations where consultants or someone of a similarly transitory nature were given accounts within an organization and these phantom accounts caused some significant worry. Again however, this account doesn’t appear to be linked to any of your blogs, so as long as you take care to only log in to your own account (ensure that you are typing in your password and not using saved passwords), then you should be fine!
If you are concerned however, we always recommend changing your password on a regular basis and you can also make use of the 2 Factor Authentication system:
-
Thank you, amightywp, for your help. It’s good to know that Susan Roper doesn’t appear to be linked to either prstar.wordpress.com or andvertising.wordpress.com
Here’s my next question…
Can you confirm Susan Roper is not linked to my other blogs?
They are:
andvertisingpartners.wordpress.com
historyofandvertising.wordpress.com
davidwojdyla.wordpress.com
deadadguysdotcom.wordpress.com
feldmanwasserlaw.wordpress.com
onebfd.wordpress.com
lisabrandriff.wordpress.com
patriciawojdyladotcom.wordpress.com
ampersandvertising.wordpress.com
luckiestmaninadvertising.wordpress.comAgain, thank you for your help.
-
Hi David,
I went through and checked, the only blog which the user account I found before is associated with is her own, so is not on any of yours.
This would probably be a great time for you to review your own users though for your own piece of mind. You can check the users who are attached to each of your blogs by logging in to the Desktop and going to Users >> All Users. For example, I noticed that on andvertisingpartners.wordpress.com there isn’t a Susan Roper, but there is a user by the name of Susan. Perhaps Roper is a married or maiden name?
Just an idea!
-
While you were doing that (THANK YOU!), I was checking the emails associated with the domain and found one for “susan roper.” How it got there, no one knows. FYI, it’s been deleted. And the only other susan email address we have is for Susan Morris (who’s never been married).
Again, thanks for great customer service.
-
How odd. Well, I’m glad to hear that is at least somewhat explained.
Thanks for letting me know!
- The topic ‘Something's phishy…’ is closed to new replies.
WordPress.com Forums 