Suspicious follows

  • I’m getting them too. First one a week ago and 12 so far including 6 overnight. Tried googling pjbals.co.pl and got referred here!

    If they are spammers what are they trying to do? How do they do it? What should we watch out for?

    Presumably wordpress could set up an anti-robot sign up mechanism like captcha which should stop them

    In the meantime have deleted them

  • I deleted mine also and it was worse than I thought. There were 16! WordPress really needs to get on top of this.

  • Same thing here. I’ve gotten a dozen in the last 48 hours…

  • Yes, pjbals is really breaking the balls to everyone… I think WordPress should solve this massive spam attack.

  • Howdy all,

    First, let me reassure you that there is no possible way someone can gain access to your site or cause you any harm by following your site. All this person or persons are doing is signing up for notifications of new posts on your site. They’re not getting access to any information you don’t willingly post on your public websites.

    We are aware of this new wave of spam followers and we are looking into if there is a way to block them. I’ll let you know in this thread once I hear back from the team working on this.

    For now, you can remove these follows by going to My Sites -> People -> Email followers:
    https://wordpress.com/people/email-followers/

    Additionally you can prevent them from signing up for email notifications by temporarily removing the Follow Blog widget from your sites, and making sure the logged-out follow button is disabled. This option is under Settings -> Reading in the WP-Admin dashboard – add /wp-admin/options-reading.php to the end of your site’s URL.

    If you want to go the extra step you can also go to My Sites -> Settings -> Discussion and add the emails to the comment blacklist. That way these spam followers won’t be able to comment on any posts on your site.

    Note that none of this will prevent these people from viewing your site. If a website is public it means anyone with an internet connection can see it, no matter who or where they are, so always keep that in mind with any content you publish online.

  • Just found this forum after a quick google. I’ve now received 12 such emails in 2 days, all in blocks of 3.

    For a moment it did my ego the world of good thinking my cruise blog was attracting so many new followers at once; however, as with all things that appear too good to be true, I started to worry.

    So I’ve clicked the box for follow-up posts on this thread and hope WordPress and the ‘Happiness Engineers’ soon find a solution.

  • Hello again,

    Emails from that domain have already been blocked from mass-following any more WordPress.com sites.

    Thanks everyone who reported this.

    Some of you might still get notifications from pending follows that were started before we were able to block this, should those people click the confirmation link in the subscription emails. We don’t have a way to prevent that, but new follows should not be possible anymore for these users.

  • Thank you Kokkieh! That is some very impressive customer service and I really appreciate it.

    Can you give me any insight as to why spammers would even want to do this? As you said earlier, following our blogs doesn’t get them anything except notifications of new posts. What’s the point for them?

    I’m just curious why someone out there would go to so much trouble just to follow some blogs and then receive what I can only imagine are 1000’s of notifications of new posts.

  • Excellent news WordPress. Thank you.

  • Woot! Thanks WordPress! Tired of deleting these manually already! 🙃

  • Though I take your words, I don’t know if there is no real threat from these spam followers as you say; however, I advise WordPress to allow only genuine followers by introducing a way of authenticating their e-mail. I understand most people may not be comfortable with this idea, but what else can be the way?

    Shivoham!

  • Like the rest of you, I have been getting followers with email addresses ending in pjbals.co.pl, eleven so far. I don’t think they are real people.

  • @lindaqstrand

    Can you give me any insight as to why spammers would even want to do this? As you said earlier, following our blogs doesn’t get them anything except notifications of new posts. What’s the point for them?

    Spam followers who follow using a WordPress.com/Gravatar account do so to trick you into visiting their sites, generating traffic for them. Especially get rich quick sites follow this tactic.

    However, I can see no way how plain email followers can get any benefit from this. Possibly they’re hoping people will reply to thank them for following, revealing users’ emails to them which they can then use for traditional spam or phishing. That’s the only thing I can think of.

    @agyaatdarshan

    I advise WordPress to allow only genuine followers by introducing a way of authenticating their e-mail

    We already have a verification step in the email in the form of a link they need to click to confirm the follow. This is to ensure people aren’t subscribed to sites against their will, with the side benefit that it stops bots from auto-following sites. But there’s no way to prevent actual humans from following the site and clicking the link in the email.

  • Good to know Kokkieh. Thanks for getting back to me on that, and thanks again for the quick response to this issue by WordPress!

  • Thanks everyone – am catching up after internet disconnected since Friday and wondered who these individuals are. Daily No. hits trebled in last fortnight re EU Referendum but was suspicious of so many followers from same place. So I googled the domain and found WordPress near top so went there first. Will delete them when get spare moment LOL!

  • Kokkieh,

    Thank you for responding.

    Last night I had already taken some of the measures you suggested. When I went in to manually delete the followers I discovered there were 21, not the original 4 or 6 I thought had subscribed. Also, I had removed the follow by email widget and added the email extension to the block comments.

    My concerns still remain based on this: (1) the massive amount of blogs attacked; (2) I have 3 blogs – one self hosted using WordPress. All have been affected; (3) one blog (not the self hosted blog) has now started receiving “not secure certificate” notifications from my browser (Firefox). After reloading the page several times it will finally load. Again, this is a WordPress blog; (4) Since these “followers” have started showing up I have noticed a referrer on my stat pages. The reference is along the lines to fix website problems and refers back to a company in the Ukraine with a massive tech staff.

    It’s pretty obvious how they are using our blogs and in my case I do believe they’ve done something to my security to cause my quilting block (Around the Block with the BamaSteelMagnolia) to have validation issues it never had before.

    If there are people who can hack the Pentagon and Presidential candidates it’s pretty obvious they can hack blogs if it’s to their benefit.

    Is there a way we can remove these referring links?

    Thank you for your assistance.

  • @bamasteelmagnolia

    This is not an attack. As I said above, it’s impossible that anyone can harm your site by following it. Period.

    There is no way that it can affect the security certificate for your site, and there is no way that it can give anyone access to any part of your site that’s not already publicly accessible. Hacking is a thing, but it’s not possible to hack a site by following it, using the tools we designed for exactly that purpose. The only way to hack an individual blog on WordPress.com is to gain access to the account password, or to the email address connected to a specific account.

    If one of your WordPress.com sites is giving you a security error, please start a new thread and provide the URL of that site so we can check it, as that error is not related to the follower issue. Make sure to add the tag “modlook” to the thread to flag it for staff attention and we can investigate that issue in its own thread.

    A site appearing in your referrer section simply means another website is linking to your site and you’re getting traffic on your site thanks to that link. Again, there is no way that this can harm your site in any way, but you can mark that link as spam to prevent it from appearing in your referrer stats. You can find instructions how to do that here:

    Jetpack Stats

  • I got 12 mails from @pjbals.co.pl during these last two days, and one from (email visible only to moderators and staff) a few minutes ago.

  • Great the quick response by WP. Solution: Captcha plugin

  • Thank you so much for the quick response on this issue. WP is the best!

  • The topic ‘Suspicious follows’ is closed to new replies.