A new email scam has surfaced over the past couple of weeks, telling people that their WordPress Database needs to be updated, and providing a link.
This is no different than other phishing email scams that are out there, hoping to catch some of the millions of WordPress users in their net.
I did not actually follow the link, but have no doubt that it would eventually lead to a malware infection of some sort.
Always Hover Before Clicking
To be clear, this is *not* a legitimate email. “WordPress” is never going to email you about your database, and I could tell this one was fake by hovering my mouse pointer over the link, showing that it went to an overseas domain, other than my own.
It’s important to remember that even when an email looks legitimate like this one did, you can aways see where the link is going to take you before you click, and that should be legitimate too.
View Comments (5)
Just wanted to note that while "Wordpress" may not email you about your database, your site's installation _does_ email the configured administrator about systems issues such as updates, and to the average non-technical user, this email would look pretty much the same as legit maintenance emails. Whether it's about the database specifically doesn't really matter to the average person, and it's probably unrealistic to expect them to discern what legit topics might come through.
The provided link, however, tells you everything you need to know. As you noted. I always have users check that first, as it nearly always goes to some completely unrelated, and often bizarre, URL. Additionally, as typically happens, the grammar in this email is a red flag.
Fortunately, the average user doesn't have access with which to do anything to the database and would typically forward it to their IT helpdesk. Though it might just be a simple malware downloader that wouldn't require admin access anyway.
Valid point - Thanks
Thanks for the awareness. we have to keep alert.
I've heard people in India are also facing the issue and an awareness should be raised to stop this.
Thanks for the info Scott.
I've gotten a few emails about this more recently but i ignored them and checked manually. I think this is ongoing. Thanks for sharing.