Viewing 20 posts - 1 through 20 (of 20 total)
  • Author
    Posts
  • #783687

    I started getting these spam messages in my email and I’ve no idea where they’re coming from because the only Enfold form I have on my site doesn’t have this subject line, nor does it use the email address these emails are coming to.

    Here’s one of those emails:

    New Message (sent by contact form at Enfold App)

    (Email address hidden if logged out) < (Email address hidden if logged out) >
    1:43 PM (10 minutes ago)

    to me

    Name: 5900ea3ecbcb7
    E-Mail: (Email address hidden if logged out)

    Any idea what that might be about?

    #783701

    Hi yifatcohen!

    We can not be sure, try enable catchap which will help you to block those emails.
    Although, if they have targeted you and want to do bad – they will do.

    Cheers!
    Basilis

    #1073932

    Same here.
    I’m having same message type “New Message (sent by contact form Domain). I have in the only form operative the captcha module up, also have more fields than spam incoming mail have, and it’s in Spanish. Spam mail is this (one of them):

    Asunto: New Message (sent by contact form at Domain)
    Fecha: 2019-03-03 11:15
    De: ” (Email address hidden if logged out) ” < (Email address hidden if logged out) >
    Destinatario: (Email address hidden if logged out)

    Name: EduardojeornJL
    Email: (Email address hidden if logged out)
    Telephone number: 86635287423
    Subject: Win an iPhone X

    Message: How To Remove “Win iPhone X” Pop-ups:
    h_t_t_p_s://lil.ink/investcrypto27221

    I’m gonna double check the site to look form hidden/forgotten forms.

    • This reply was modified 2 months, 2 weeks ago by  backfolder.
    #1074208

    Hi backfolder,

    This is fixed in the latest version of the theme, could you try updating to that please? (Purchase code hidden if logged out) /#theme-update” rel=”noopener” target=”_blank”>https://kriesi.at/documentation/enfold/ (Purchase code hidden if logged out) /#theme-update

    Best regards,
    Rikard

    #1074322

    Hi Rikard.
    I’m gonna update right now. Thanks so much!

    #1074727

    Hi backfolder,

    Great, best of luck to you :-)

    Best regards,
    Rikard

    #1075550

    Latest version installed, getting hammered with SPAM. Identical to user “backfolder” issues

    #1075598

    Same here!

    #1075901

    Hi pikes4ever and yifatcohen,

    Please include admin login details in private so that we can have a closer look at your site.

    Best regards,
    Rikard

    • This reply was modified 2 months, 1 week ago by  Rikard.
    #1076073

    Attached requested info

    #1076973

    Hi all.
    Still having spam issues. I’m gonna reset all password (DB, WP, FTP) and check for file permissions.
    Regards.

    #1077345

    I am having the same problem. The form is deactivated on all pages, but I am still getting these spam emails.
    Could it be that spammers found a loophole?

    #1077914

    Hi,

    Or it can be that you have somewhere your email and they are copying the subject etc, so they can use it and they by-pass your spam filter and land your email. :)

    Best regards,
    Basilis

    #1077921

    For me, by now and until clarify what’s happing, I’ve change all password, disable (rename php file) form module, installed Contact Form 7, verify that file permissions at folders are correct, and update PHP to 7.3.

    EDIT: Well I think it’s ‘manual spam’, some guy is filling the forms and sending it. The only thing to fight them is check their IP and blocking using any security plugin or using .htaccess.

    Regards.

    • This reply was modified 2 months, 1 week ago by  backfolder.
    #1078541

    Hi backfolder,

    Thanks for the update, I hope you find a way to block the spam you are getting.

    Best regards,
    Rikard

    #1078696

    Backfolder’s issue is NOT the same as mine. I have verified that the email is coming from my WordPress server so it HAS to be an issue within WordPress. I have renamed/disabled the following folder within Enfold “/public_html/wp-content/themes/enfold/config-templatebuilder/avia-shortcodes/contact” and so far it appears to have stopped the spam issues. I will update you once I have more info. You can check to see where the email came from by copying and pasting the email headers into “https://mxtoolbox.com/EmailHeaders.aspx”. If the originating IP address is the same or similar to your website IP address, then most likely it IS being sent from the web-page. If it is not similar or is located in a foreign country or whatnot, you can be 99% sure that is is manual spam.

    PS. We use “Contact Form 7” so we do not need the internal contact form creator.

    #1078705

    @pikes4ever,
    Thanks for sharing info about your problem, could help others. I’ve suffered ‘manual spam’ using both forms, Enfold and CF7. After adding two security questions to CF7 (quiz) and adding 3 IP’s to Wordfence WAF, spam has stopped. Finally I’m starting testing reCAPTCHA module build into Enfold in one site to see how is going.
    Regards.

    #1079135

    Hi,

    Thanks for sharing your information for other users.
    Enjoy the theme.

    Best regards,
    Günter

    #1079910

    Just confirming that after 4 days with the renaming/disabling the following folder within Enfold “/public_html/wp-content/themes/enfold/config-templatebuilder/avia-shortcodes/contact” has 100% fixed our issue and could fix others issues that are having this same issues as long as you are not using the built in form provided by Enfold. Like I said, we are using contact form 7 so just be aware. Have a great day everyone!

    #1102040

    Hi all!
    News about spam problem. Thanks to CleanTalk plugin, which block spam attacks in a very effective way, I have (a part of) next log that want to share with you:
    – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
    Contact form – data denied
    (Email address hidden if logged out) Spain 83.38.36.10
    Page URL : //mydomain.eu/wp-admin/admin-ajax.php
    Source : https://mydomain.eu/wp-admin/options-general.php?page=cleantalk
    Details | Not spam | Delete | To Personal black & white lists
    Spam attacks: 75
    IP: 0
    E-mail: 75

    – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
    So it is a problem related to WordPress IMMO. Permissions of that File and Directory are OK (I think)
    Anyway, and apart of CleanTalk, is there anyway to block that vector?
    TIA.

    • This reply was modified 1 day, 10 hours ago by  backfolder.
Viewing 20 posts - 1 through 20 (of 20 total)

You must be logged in to reply to this topic.