Shut down due to paypal phish attack from blog

  • Hi,

    Google has reported the blog as a phishing attack and OpenDNS has blocked my blog today due to a phish leading visitors to an official looking bogus paypal login screen.

    This is an URGENT problem.

    The URL is https://(site-name).com/wp-content/plugins/akismet/.confirm-paypal/webscr.php?cmd=_login-run&dispatch=5885d80a13c0db1f998ca054efbdf2c29878a435fe324eec2511727fbf3e9efc821069238e10d4e2fae1f1c3199a2c44821069238e10d4e2fae1f1c3199a2c44

    The root also has this file – .verify-paypal-login/

    I’m not finding much on identifying the cause of the problem and action so am making this post in the forum.

    About a week ago we upgraded to latest WP version.

    Yesterday we worked with 3 plugins.

    We noticed yesterday that the Google Analytics plugin was deactivated, and that there were two versions rather than one, and we deleted the oldest one and activated the newest one.

    We deactivated the Top Commentators Widget to test Top Commenters Gravatar.

    Top Commenters Gravatar was installed and tested and removed.

    We re-installed Top Commentators Widget. And activated it.

    A few hours later google reported us and OpenDNS closed us down.

    Any suggestions?

    Thanks.

    Cheers

Viewing 2 replies - 1 through 2 (of 2 total)
Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Shut down due to paypal phish attack from blog’ is closed to new replies.