Uncertainty about reporting a Gravatar account with seemingly malicious link
-
Hello,
This is the Aptivi Blog operator.
Three months ago, I had reported “estoreknight”, “techwordly”, and “Video Game Review” and followed the instructions in an e-mail to get it resolved, and the likes seemed to have stopped coming from them. Now, it seems that “Video Game Review” started liking my posts recently, but less frequently than before, while the two other accounts stopped showing up. The most recent liked post by “Video Game Review” was “Linux 7.0 RC5 released!“.
When I visited their Gravatar, which was under “videogamerstore”, I found a link that was under the name of “Online Video Game Store”. Here’s where things get interesting, according to my investigation.
- If I click on the link, I get redirected to a malicious website with domain names that are really weird, with “Loading” in a green circle at the middle of the screen. Then, it goes to another set of weird domain names that consist of random characters, and, finally, to the malicious content that shows me fake pop-ups about winning a prize, getting a file, performing a system update, and so on.
- If I then close the tab and visited the site again as linked in the Gravatar, it takes me to a self-hosted WordPress.org site called “Video Game Reviews.” If I then wait for 24 hours then accessed the link again, I get malicious redirects for the first click, and the correct site for subsequent clicks. I recognize that you don’t support WordPress.org sites, but my report concerns a Gravatar account, not the self-hosted site.
I asked the AI assistant, because I wasn’t sure if I have to report the Gravatar account, and it replied to me as follows:
That’s a concerning situation, and you’re right to be cautious. This sounds like a spam/malicious account using WordPress.com “likes” to drive traffic, and the rotating destinations (malicious site vs. a seemingly safe one) is a classic trick to avoid detection.
The best thing you can do is report the account directly to WordPress.com by visiting [wordpress.com/abuse](https://wordpress.com/abuse) — describe the behavior, include the account name “Video Game Review,” and mention the malicious redirect you encountered.
Would you also like tips on how to block or moderate likes on your site to prevent this kind of spam engagement going forward?
Should I report the Gravatar account in question because of this link that has this kind of behavior? Or should I report it somewhere else? I appreciate all kinds of answers, and I’m happy to provide details.
Thanks in advance.
The blog I need help with is: (visible only to logged in users)
-
Hello @officialaptivi!
Thank you for reaching out and for taking the time to investigate this. We really appreciate you sharing the details of what you’ve observed, especially the intermittent redirects and the steps you took to verify the behavior.
Based on what you’ve described, yes—you can report the Gravatar account through our Abuse form. Since your concern is about the Gravatar profile and the behavior of the website linked from it, this is the appropriate place to submit your report.
You can do so here:
https://wordpress.com/abuseWhen submitting your report, please include the Gravatar account name, the linked website, and the details you’ve shared with us about the redirects. Our Abuse team will review the report, investigate the account, and take any appropriate action if they determine that it violates our policies.
Thank you again for bringing this to our attention and for helping us keep the community safe. If there’s anything else you’d like to share with the Abuse team, such as additional examples or screenshots, feel free to include them in your report.
-
Hello!
Thank you for the quick response. I have submitted my report just now via the linked report submission, and I have provided the details to the Abuse team, like the Gravatar name, the details that I’ve shared regarding the redirects, and so on.
I’ll keep monitoring the activity in my blog. I’ll also follow up with the report. ☺️
-
Hello @officialaptivi,
Thank you for the update, and we really appreciate you taking the time to submit a detailed report to our Abuse team.
The information you’ve provided, including the Gravatar name and the details about the redirects, will help the team with their investigation. They’ll review the report and take any appropriate action based on their findings.
Continuing to monitor your blog is a good idea. If you notice any new activity or have additional information that may be helpful, please feel free to add it to your existing report or let us know.
Thank you again for bringing this to our attention and for helping us keep the platform safe.
Please don’t hesitate to reach out if you have any other questions or concerns.
-
Hello,
You’re most welcome. I will let you know if there is new activity, or if I have extra information that may be helpful.
Thanks!