6 {{ upvoteCount | shortNum }}
6 {{ upvoteCount | shortNum }}

My Site Was The Target of an Active Phisher?

by trentonlaura
5 replies
I received an email just now from my hosting company that they detected phishing files had been uploaded without my knowledge to a couple of WordPress related folders for one of my domains that I don't use or access very often. They said they'd shut down the site if they weren't removed soon so I went in and found the files they mentioned and deleted them. They were all in either WordPress theme folders or plugin folders.

I'm wondering how this happened, is there a better security or access I need to change to ensure that this doesn't happen again? Do I need to change my database or WordPress password for that site? I use extremely random passwords so I'm wondering if that was the case how anyone could get in.

Sorry, I'm very naive and am looking for some answers and solutions and would appreciate any insights, thanks!
#active #phisher #site #target
  • Profile picture of the author WeavingThoughts
    Sometimes enemies or just plain bad luck or possible security loopholes cause such stuff.
    Signature
    {{ DiscussionBoard.errors[7073534].message }}
    • Profile picture of the author Horny Devil
      Banned
      Is there such a thing as a non-active phisher? Just a thought.
      {{ DiscussionBoard.errors[7073569].message }}
  • Profile picture of the author goguy
    I think they exploited a security hole either in wordpress or your web hosting server. You need to:

    1. Remove the phishing files.

    2. Update your wordpress installation to the latest version.

    3. Change your password.

    4. Backup your wordpress files and databases.

    5. Read other security tips recommended on the wordpress website.
    {{ DiscussionBoard.errors[7073731].message }}
    • Profile picture of the author prem khaira
      Banned
      Originally Posted by goguy View Post

      I think they exploited a security hole either in wordpress or your web hosting server. You need to:

      1. Remove the phishing files.

      2. Update your wordpress installation to the latest version.

      3. Change your password.

      4. Backup your wordpress files and databases.

      5. Read other security tips recommended on the wordpress website.

      Awesome advice...yup. Do all this
      {{ DiscussionBoard.errors[7073758].message }}
      • Profile picture of the author so11
        Originally Posted by prem khaira View Post

        Awesome advice...yup. Do all this
        Hello,

        check the security permissions on your web folders.
        Only admin account should have Write permission.

        If you have some commenting allowed by your visitors, than there should be a special Wordpress user and it should have write permission only in a specific folder (check the plugin documentation for the folder name and account name).

        regards,
        Signature
        www.groupesoloviev.com
        We help businesses manage cyber risk and compliance requirements.
        {{ DiscussionBoard.errors[7075615].message }}

Trending Topics