Tagged: CONTACT FORM, spam
-
AuthorPosts
-
September 3, 2018 at 6:45 am #1004785
We’ve noticed a few installations of Enfold are getting attacked via the contact form (even with captcha on).
Simialr to this…
“If уou recеived this messаge, thеn уоu nеed tо transfеr 0.5 bitcoins to thе рurse xxxxx otherwisе уou will receive this lеtter реrmanently until yоu trаnsfеr 0.5 bitcoin”Any clue on how to stop it?
Sorry for bad news.
CheersSeptember 3, 2018 at 8:16 am #1004808Hey Slick,
Could you post a link to one of the sites where this is happening so that we can have a closer look please?
Best regards,
RikardSeptember 3, 2018 at 1:46 pm #1004951Howdy folks…my clients are reporting this as well. When you say post a link, do you just want the public domain link?
September 3, 2018 at 2:01 pm #1004961I asked for info here: https://kriesi.at/support/topic/spam-protection-is-very-weak/
And my client is waiting for the reply and looking there :)lol, nobody is asking for bitcoins, just offering viagra, cialis, seo, mp3 downloads, some “great deals”… :-/
September 3, 2018 at 2:14 pm #1004969I personally got 7 of the bitcoin spam email, all within 2 minutes. Four of my enfold clients have reported the bitcoin emails in the past 24 hours. I suspect I have others but they haven’t alerted me.
- This reply was modified 6 years, 3 months ago by itchybrain.
September 3, 2018 at 3:13 pm #1005010Hi Slick Sites,
Here is a thread for you to consider
If you need further assistance please let us know.
Best regards,
VictoriaSeptember 4, 2018 at 1:22 am #1005237My client is getting 10-100s of these also through the Enfold captcha form. The ‘thread’ link above does not ‘link’. I’ll manually search but it would better if a live link were added.
September 4, 2018 at 1:37 am #1005238This isn’t just a simple spam issue – this is a targeted attack on the Enfold Captcha form.
Might need to get the dev team to look into recaptcha?September 4, 2018 at 1:39 am #1005239Same…dozens and dozens of spam emails now. Is there perhaps a vulnerability that has allowed spam malware to load on our sites?
September 4, 2018 at 2:26 am #1005242One of my affected clients isn’t using the Enfold form, but instead was using WPForms Lite with authenticated invisible google recaptcha, so it doesn’t seem specific to the enfold form, but is enfold themed sites being affected.
September 4, 2018 at 2:37 am #1005243I agree it is an issue with the Enfold Catcha. I’ve replaced the contact form with a Contact Form 7 + reCaptcha. No spam for an hour now! yay. I’ll monitor it for a few days and report. My other sites/clients are not having an issue and they are on other themes with ContactForm7. So feeling from the many threads going back 2yrs (with no solutions posted) that this is an Enfold captcha/security issue. IMHO.
September 4, 2018 at 1:05 pm #1005513Hi,
Alright. Let us know if you encounter any issues again. For added security, you can implement reCAPTCHA to the theme’s contact form. You’ll need the public/site key to render the “I’m not a robot” widget and the secret key for verification. Include those info in the following code. (see private field)
Best regards,
IsmaelSeptember 4, 2018 at 10:14 pm #1005796Thank you Ismael, how do I see the private field? I am logged in but cannot see it, it just as a note in brackets, saying (see private field)
September 5, 2018 at 1:49 am #1005828 -
AuthorPosts
- You must be logged in to reply to this topic.