

Spam post published in my Blog

  1. I just realized that there is a spam post (not comment!) published to my blog with the title 'Now Your All Dreams Will Going To Become Reality with Your Own Home Business'. A quick search in Google revealed that many wordpress.com blogs are affected by this. Does that mean our login info is exposed?

    I am very worried about this.
    Blog url: http://ghost301tech.wordpress.com/

  2. Go here > Users > All Users and delete any user that does not belong there.
    Disable post by email > http://en.support.wordpress.com/post-by-email/
    Change your blog password to a very difficult one > http://en.support.wordpress.com/passwords/#change-your-password
    Go to your email program and change the password to a very difficult one

  3. Hi timethief,

    Thanks for the swift reply.

    There is no new user in my blog account, and I didn't turn on the Post by Email feature. I have changed my password to a stronger one; probably the old one is to blame for this spam post.

    Hope it will never happen again.

    Thanks again!

  4. Be sure you change your email password to a very strong one as that's how some hackers are getting into blogs. http://en.support.wordpress.com/security/

  5. P.S. Please do not delete the phony post. Make it "private" so Staff can examine it. I flagged this thread for Staff attention.

  6. Hi timethief,

    I have already made the post Private for examination. My Gmail account is using 2-way authentication with a strong password, and there isn't any suspicious activity based on the report from Gmail. I just wonder how it can happen.

  7. Thanks for the additional info.

  8. Very odd. I just looked on Google and, as the OP said, there are literally dozens of WordPress.com websites that have posted this exact same post within the past 24 hours. In addition to the active sites, many of these sites seem to be abandoned, with their last post made a long time ago.

    Unfortunately, this does seem to be some kind of a breach.

  9. Thank you for the report. We're looking into this.

  10. danapronounceddonna
    Member

    I had a similar issue with one of my blogs today. I had not posted since December in one of them, but a post was made that was about making money from home. I had to change my password three times today. I did contact Support and was told that others are having this issue, and that they are looking into each case. Hopefully, this gets resolved soon. I really like WordPress and do not want to have to delete my account and start from scratch.

  11. Thanks for letting us know about this. We also noticed something suspicious. We have reset the passwords of all affected users and have sent them an email to let them know. If there was any spam posted and not removed before we got there, we also went ahead and cleaned that up.

    It is very likely that you were using the same password on WordPress.com that you used elsewhere. Recently, a few large services -- LinkedIn, Yahoo, eHarmony, and Last.fm to name a few -- have suffered well-publicized security breaches that have exposed email addresses and passwords. Although the passwords are usually stored securely, simple passwords can be decrypted or "cracked" in a matter of hours using modern technology.

    Hackers gather the lists of email addresses and passwords from these services and then try to use them to access accounts on other popular services, like WordPress.com. If you used the same password in multiple places, then your account can be compromised. That is what happened here. We do have measures in place to protect against password guessing or "brute force" attacks, but in this case, since the password is known beforehand, there is no need for a hacker to guess.

    You should have a strong, unique password for every account you have on the internet. We have some more information on selecting a strong password in our Support section, please read through it:

    http://en.support.wordpress.com/selecting-a-strong-password/

    If you have any additional questions about the security of your account, please contact us using the form on this page:

    http://automattic.com/security/

    We take security seriously, and are happy to answer any questions you have.
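
The Staff reply above separates password guessing from logins with passwords already leaked elsewhere. The sketch below is an added example, not part of the original thread and not WordPress.com's own code: it shows why a per-account failure limit catches the first and misses the second, and how grouping by source finds the accounts to reset. The event data, thresholds and function names are constructed for illustration, and a single source address is assumed (real reuse attacks are often spread across many).

```python
from collections import defaultdict

# Constructed sample login events: (source_ip, account, success). Not real data.
EVENTS = [
    # Password guessing: one account, many failed tries from one source.
    *[("198.51.100.7", "alice", False) for _ in range(6)],
    # Reused leaked passwords: one source, many accounts, one try each,
    # and some succeed on the first attempt because the password is known.
    ("203.0.113.9", "bob", True),
    ("203.0.113.9", "carol", False),
    ("203.0.113.9", "dave", True),
    ("203.0.113.9", "erin", False),
    ("203.0.113.9", "frank", True),
    # Ordinary user who mistyped once.
    ("192.0.2.44", "grace", False),
    ("192.0.2.44", "grace", True),
]

def brute_force_lockouts(events, max_failures=5):
    """Accounts exceeding a per-account failure limit (guessing defense)."""
    failures = defaultdict(int)
    for _ip, account, ok in events:
        if not ok:
            failures[account] += 1
    return {a for a, n in failures.items() if n > max_failures}

def stuffing_sources(events, min_accounts=4, max_tries_per_account=2):
    """Sources touching many distinct accounts with only a try or two each."""
    tries = defaultdict(lambda: defaultdict(int))
    for ip, account, _ok in events:
        tries[ip][account] += 1
    return {
        ip for ip, per_acct in tries.items()
        if len(per_acct) >= min_accounts
        and max(per_acct.values()) <= max_tries_per_account
    }

def accounts_to_reset(events, sources):
    """Accounts a flagged source logged into successfully: force a reset."""
    return {a for ip, a, ok in events if ok and ip in sources}

if __name__ == "__main__":
    flagged = stuffing_sources(EVENTS)
    print("locked by failure limit:", brute_force_lockouts(EVENTS))
    print("sources trying many accounts:", flagged)
    print("reset passwords for:", accounts_to_reset(EVENTS, flagged))
```

The failure limit only ever sees "alice"; the three accounts that were actually entered never tripped it, which is why affected users had their passwords reset.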

  12. @ghost301 @danapronounceddonna Please see this Staff reply:
    http://en.forums.wordpress.com/topic/spam-post?replies=6#post-952535

  13. LOL OK then, see the reply just given above. :)

  14. @pjad
    I did take what ghost301 said seriously and I did confirm with a Google search. I chose not to post that and cause widespread alarm. I felt the best course of action was to post what to do into all such threads and to flag them all for Staff attention. Thanks for your action on this issue.

Topic Closed

This topic has been closed to new replies.
