Receiving emails from Wordpress@mydomain.com

Posted on 2013-10-05
Medium Priority
Last Modified: 2013-11-09
Hi, we have several Wordpress websites.  It seems we are receiving emails coming from "wordpress@<mydomain.com>" saying we have comments and needs to be looked at.  We checked and we did not allow comments on our sites.
In the email, there is a link to click on and if you did, you'll receive a page alert saying this page is blocked.  See link below.


Seems like a trick to get us to enter our login credentials.

Is there a way to prevent receiving emails like this?  How did they get the email addr "wordpress@<mydomain.com>"?
Question by:Soho_Dan
LVL 70

Accepted Solution

Jason C. Levine earned 2000 total points
ID: 39549339
Seems like a trick to get us to enter our login credentials.

Is there a way to prevent receiving emails like this?  How did they get the email addr "wordpress@<mydomain.com>"?

Yep, and a pretty good one too.

As far as getting the address, that's easy.  It's trivial to create a spider that reports if a site is running WordPress and the default email address for any site is wordpress@domain.com.  I always, always change that to a real address to attempt to prevent just this kind of thing

So it looks like a fairly clever phishing attempt but you can't rule out the possibility of a hack.  Run a Sucuri scan or whatever you use to stay secure.

Author Closing Comment

ID: 39636006
Thank you.

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Feeling responsible for an unfortunate ransomware infection on my parent's network, persistence paid off as I was able to decrypt a strain of ransomware that was not previously (or at least publicly) cracked. I hope this helps others out there affec…
The Windows Firewall provides an important layer of protection and a rich interface to configure it. Unfortunately, it lacks item level filtering. This article details my process of implementing firewall-as-code to reduce GPO bloat.
This video Micro Tutorial shows how to password-protect PDF files with free software. Many software products can do this, such as Adobe Acrobat (but not Adobe Reader), Nuance PaperPort, and Nuance Power PDF, but they are not free products. This vide…
Want to learn how to record your desktop screen without having to use an outside camera. Click on this video and learn how to use the cool google extension called "Screencastify"! Step 1: Open a new google tab Step 2: Go to the left hand upper corn…

600 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question