Monday, June 18, 2012

Email Scam - WordPress URL - googles.html and others

Recently, there has been a mass outbreak of automated spam sent from Singaporean-owned email accounts. Such email spamming is common, but it is quite unusual for so many accounts to be affected.

The spam emails have no subject, and the message body contains only a single URL with no comment added.

"Less is more" is probably the tactic of the hacker (scammer): using as little text as possible so as not to arouse the suspicion of the person receiving the scam email. This is probably the reason why some victims have clicked the URL.

We cannot confirm whether your email account is hacked immediately once you open the URL, or whether it is a phishing page that asks you to key in your password to log in to your email account.

Below are some of the scam URLs we have gathered over the past few days:

PLEASE DO NOT OPEN ANY OF THEM.

http://www.blindenvy.com/wp-content/themes/fspring_widgets/googles.html?mcg=qsd.gio&ytr=wjog.sus&eec=zmsw

http://www.theh2solution.com/wordpress/wp-content/themes/theh2solution2ndgeneration/googles.html?cab=ef.hsm&rt=te.jheg&shc=lzgx

http://www.puluu.com/wp-content/themes/inove/googles.html?awe=vh.psml&ony=wjog.we&mhh=rksi

http://savingtoberich.com/wp-content/themes/headway-2013-1742/goodbody.html

http://robertcrew.net/wp-content/themes/twentyeleven/yahoolinksus.html

http://www.astro.com.py/wp-content/themes/astro/body.html

http://bijouxmarilou.com/wp-content/themes/Sabuy/googles.html?sdm=gwhj.sxfs&wm=er.wrhg&oeo=bmbq

http://tasteofkiwi.co.nz/wp-content/themes/k2/googles.html?awe=vbb.jieg&shn=te.jyg&ghb=puln

http://dallidata.da.funpic.de/actressearly/Richard_Morris97/

http://www.derinlikreklam.com/healthylife.html

We have noticed some similarities among the URLs: they may be linked to WordPress, and they include an HTML file named "googles.html", though not in every case. Therefore, we cannot confirm whether all of them are the work of the same scammer. All except the last 2 URLs are hosted by the web host dreamhost.com.

Our analysis (excluding the last 2 URLs) suggests these possibilities:
1. The scammer may own all the domain names and have created the paths to mislead victims
2. The scammer may have hacked the web host and uploaded the files
3. The scammer may have created a dummy plugin for WordPress blog owners to install

Whatever the case, do make sure you let your friend know if he/she has sent you an email with a similar URL. In fact, you should not open just any URL in an email without checking with the sender. Victims should change their email account passwords immediately and possibly run a full system anti-virus scan.
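The traits described above (no subject, a body that is only one URL, an .html file inside a WordPress theme directory, short random-looking query parameters) can be turned into a simple mail triage check. The following is an added example, not code from the original post; the function names, reason labels, threshold and the example.test sample messages are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Static .html file placed directly inside a WordPress theme directory,
# the path shape shared by most of the URLs listed in the post.
THEME_HTML = re.compile(r"/wp-content/themes/[^/]+/[^/]+\.html$", re.I)
# Body that is nothing but one http(s) URL, optionally padded by whitespace.
URL_ONLY = re.compile(r"\s*(https?://\S+)\s*", re.I)
# Query pairs like "mcg=qsd.gio": 2-3 letter key, short letters-and-dots value.
KEY = re.compile(r"[a-z]{2,3}")
VALUE = re.compile(r"[a-z.]{2,10}")


def score_message(subject, body):
    """Return the reasons a message matches the shape described in the post."""
    reasons = []
    if not subject.strip():
        reasons.append("empty-subject")
    match = URL_ONLY.fullmatch(body)
    if match is None:
        return reasons  # text around the link, or no link at all
    reasons.append("body-is-single-url")
    url = urlsplit(match.group(1))
    if THEME_HTML.search(url.path):
        reasons.append("html-in-wp-theme-dir")
    pairs = parse_qsl(url.query)
    if pairs and all(KEY.fullmatch(k) and VALUE.fullmatch(v) for k, v in pairs):
        reasons.append("random-looking-query")
    return reasons


def should_hold(subject, body, threshold=3):
    """Hold for review when enough traits coincide (threshold is an assumption)."""
    return len(score_message(subject, body)) >= threshold


# Constructed samples (example.test is a reserved test domain, not from the post).
SAMPLES = [
    ("", "http://blog.example.test/wp-content/themes/sometheme/googles.html?abc=de.fgh&xy=ij.kl&mno=pqrs\n"),
    ("", "http://example.test/wp-content/themes/sometheme/style.css"),
    ("Lunch?", "Menu is at http://example.test/menu.html, see you at noon."),
]

if __name__ == "__main__":
    for subject, body in SAMPLES:
        print(should_hold(subject, body), score_message(subject, body))
```

Because not every URL in the list above has the theme-directory path or a query string, a check like this catches only part of the campaign and is best used to hold messages for review rather than to delete them.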

2 comments:

  1. I've been having this problem too, something is using my Yahoo email account to send all kinds of links (with /wp-content/themes/ similarities) to people in my address book.
    What I don't understand is whether my computer has been compromised by malware, or a website I visited injected malware, or anything else?
    I haven't found an antivirus that addresses this problem, my free avast! doesn't detect anything.

    1. Hi, please change your email's password immediately.

      We are not sure if this would cause problems in your system or not. You should do a full system virus scan in Windows safe mode.

      (Sorry that we have approved your comment only now; it somehow landed in the spam list automatically.)