1. Home
  2. Forums Index
  3. Server Side / WordPress 3:11 pm May 11, 2026

Forum Moderators: rogerd & travelin cat

Message Too Old, No Replies

O/T: Phishing Scam That Almost Caught Me

         

Planet13

1:46 pm on May 14, 2015 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



Sorry if this is off topic, but I think that wordpress owners who are confused about the flurry of recent security issue might be more susceptible to this type of phishing scam.

I saw this email - purpotedly from my hosting company - when I checked my email this morning:

Your account contains more than 9860 directories and may pose a potential performance risk to the server. Please reduce the number of directories for your account to prevent possible account deactivation. In order to prevent your account from being locked out we recommend that you create special tmp directory. Or use the link below:
[BOGUS LINK HERE]


Like most others, I have been a LITTLE paranoid - and more than a little confused - about security issues in wordpress lately, so I freaked out when I read it. I figured that my wordpress install had been hacked, and that I would be spending the rest of the day trying to remove the mlalware from my sites.

Now normally, I would be hyper-vigilant about NOT clicking on such links. But I ALMOST did today just because of the recent wordpress security confusionment has me bewildered. Am I protected? Am I not protected?

Anyway, sorry if this is off topic, but I just hope that it will help those who have wordpress sites be a little more vigilant in avoiding phishing scams.

JS_Harris

5:22 pm on May 19, 2015 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



Rule of thumb, if you get an email about something consider it bogus. Reputable companies don't contact you via email unless you initiate that contact. If you get an email never click on any link within, go to your dashboard like you normally do and if there is no warning there you can safely dismiss the email. I don't think it's a good idea to ever click on any link in any email anyway, but you knew that.

Planet13

7:34 pm on May 19, 2015 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



I don't think it's a good idea to ever click on any link in any email anyway, but you knew that.


Yup. Just this recent flurry of wordpress security patches had me worried.

Especially since I didn't know if I would be protected with the latest iteration of 4.1.x or whether I had to go to 4.2.x

lucy24

7:53 pm on May 19, 2015 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



Reputable companies don't contact you via email unless you initiate that contact.

How else would they contact you-- by telephone? Sure, law firms send things by snailmail so you have a physical record. But if the internet did everything by snailmail people would laugh themselves silly at the anachronism.

Thinking back, I don't think I've ever even seen a piece of paper with my host's or registrar's name on it.

:: insert boilerplate about US government agencies' inexplicable decision to send important notifications via a private-party dot com that anyone in their right mind would assume was a scammer ::
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. Server Side / WordPress 3:11 pm May 11, 2026