[WordPress.com] Activate – Phishing Fraud

A new spam campaign is circulating that is spoofing “WordPress” blog subscriptions.

Emails most commonly arrive as:

Subject:      [WordPress.com] Activate http://stephen.wordpress.com/
From:     WordPress.com <donotreply@wordpress.com>

Below is a screen shot of an example email:

WordPress Phishing Fraud

WordPress Phishing Fraud

These emails are fairly well written and apparently succeed in tricking a number of users into believing that they are legitimate.

The text of the messages follow this script:

Thank you for signing up with WordPress.com.

You are one step away from blogging at stephen.wordpress.com.
Please click this link to activate your blog:

http://signup.wordpress.com/activate/i67cs1xhd15x22ju

If you did not recently register for WordPress (or if you registered with a different e-mail address),
click the following link to cancel the confirmation:

http://signup.wordpress.com/deactivate/a12pw2bjz72u75ra

–The WordPress.com Team

They are, however, not from any valid WordPress account or blog but are instead sent from compromised mail servers and infected personal computers, mostly from overseas, such as:

“‘from p57b91e45.dip0.t-ipconnect.de  ([87.185.30.69])”

While the links may appear to be legitimate at first glance, the reality is they do not take users to “WordPress.com” but instead to compromised overseas web sites such as “cruzdealba.es” or “chipsnchils.com” which will then launch a JavaScript attack against your browser.

Since there are thousands of such sites that have been hijacked and are used to redirect users and to also spread malware there is no safe advice to offer recipients other than to simply delete such emails without attempting to follow the links contained within them.

- -

OnlyMyEmail is an award winning hosted spam filtering service and business email hosting provider. Our enterprise cloud computing anti-spam solution, the MX-Defender, has the highest capture rate of any spam filter ever tested in the VBSpam Challenge, blocking a record setting 99.9993% of all malicious and junk email.

Our Personal spam filtering system is also a Software as a Service (SaaS) solution and has won both the PC World "World Class Award" and also the PC Magazine "Editor's Choice Award."

OME-Kids is a webmail solution that protects children from spam and other harmful emails. OME-Kids offers unique Parental Controls that allow you to choose the level of security and oversight that's right for your child.

Tags: , , , ,

Comments are closed.