-
Posts
-
Hey guys,
A client contacted me frantically about her website being hacked.
She discovered blog posts that were not from her business.
I did a quick scan, and the site itself shows no signs of Malaware or real compromise.However, in the last week, we have 2 blog posts from Kriesi ( (Email address hidden if logged out) ) …
Just trying to understand how that could have happened?! See below link:Thank you.
i think this is Mail-Spoofing – i get from my own e-mail address – per day aprox. 10 E-Mails.
i think he has his offical e-mail : office(at)kriesi(.)atHi,
I haven’t heard of anything like that happening before, and we wouldn’t do that ourselves of course. Are you sure they are not part of the demo content? Your screenshot is not loading so I couldn’t check it unfortunately.
Best regards,
RikardThis is what I see: https://drive.google.com/file/d/1M6jXfTnS-fH9jQgo1YoBrVPObeL5GM6W/view?usp=sharing
Thanks Guenni007
So the account only had 4 users. 1 of the 4 being the admin Kriesi ( (Email address hidden if logged out) ). Very strange.
Hi Justin,
Thanks for that. It sounds to me like the user in question might have been compromised. Simply changing the password for the user should fix that I guess?
Best regards,
RikardI removed the user Kriesi ( (Email address hidden if logged out) ) from the account. It was added there a year ago for your support usage. I removed it.
- You must be logged in to reply to this topic.