suspicion of fishing message
-
Hello! Did anyone get this kind of message lately (in French for me) ?
I’d like to make sure that it really comes from WordPress. Or is it fishing ?‘Quelqu’un a demandé la réinitialisation du mot de passe pour le compte suivant :
Titre du site : xxxxxxxx
Identifiant : xxxxxxxxx
S’il s’agit d’une erreur, ignorez ce message et la demande ne sera pas prise en compte.
Pour renouveler votre mot de passe, cliquez sur le lien suivant :
[redacted by staff]Thanks in advance for your help !
-
Hi there,
That is a password reset email for a WordPress.com account password. That is sent out if someone types an account’s username or email address on our lost password form.
However, I don’t see any password reset requests for the
info55067df4047account you’re using to post here – this account was created only a few minutes before you posted this forum thread.So you must have received that email for a different WordPress.com account. What is the URL of the site mentioned in the email?
Note that the link you posted contained a password reset key – the domain you redacted doesn’t pose any security risk at all and only makes it harder for us to help you, but the key does, so I’ve redacted the entire link from your post above.
-
Hello Kokkieh,
Thanks a lot for your fast answer.
I am a webmaster/developer but up to now I didn’t face this kind of problem with the websites I created. A client called me because he received this e-mail for his own website.
As I thought that this post would be published in public mode, I intentionaly replaced the site name by xxxxx, but it’s name is artbati.ch
I wanted to make sure that this message came from WordPress himself before doing anything.So now I figure that the persons who tried to log in found the username, that’s why he received that e-mail (it’s not only once, he received it various times) ?
Do you suggest me to tell him to make both username and password stronger to make sure that this wouldn’t happen anymore ?Thanks again and best regards
-
The site artbati.ch is not hosted by WordPress.com so we can’t really check any details on it. My guess is that the email was sent from WordPress.org.
If your client received the reset password emails, it only means that someone is trying to access their account and doesn’t know the password. Unless they can access their email address, they won’t be able to reset it though.
Sometimes this happens because the user makes a typo or doesn’t remember their email correctly. I wouldn’t worry too much about it.Changing and setting strong passwords for both the WordPress account and email address is always a good advice.
-
- The topic ‘suspicion of fishing message’ is closed to new replies.
WordPress.com Forums 