Something just happened a couple of times over the past few days that made me pretty nervous. Two different people have put comments on my WordPress blog that have been caught in the Spam Karma filter because there was a blacklisted URL in the URL field (it contained the string "freshmlmlead"). The problem is, when these commentors actually filled in the comment form at their end, they didn't use that URL! (They are both regular commentors on my blog and I don't think they have any reason to lie about this.)
Has anyone ever heard of anything like this? I should provide a few technical details:
- I was using WP 2.0.3, which I just now upgraded to 2.0.4 (I know I should have earlier, but I was preoccupied because...)
- I just moved servers from a shared server to a VPS server. The oddness happened after the server move.
- I'm using Spam Karma 2, the Filosofo comment preview plugin, and, if it's relevant, WP-Cache.
Obviously my big worry is that somehow I've been hacked. This has only happened twice and I get literally hundreds of comments a day, but it's still really weird.
Thanks in advance for any help anyone has to offer.