If you get an email from “WordPress.org” with the email address of wordpresspluginAThotmail.com and the subject [WordPress.org Plugins] Urgent: Your Plugin Has Been Removed DO NOT RESPOND. This is a phishing attempt.
The content of the email is as follows:
Dear WordPress Plugin Developer,
Unfortunately, a plugin you are hosting has been temporarily removed from the WordPress repository. We are going to manually review your plugin because it has been reported for violating our Terms of Service. If your plugin does not get approved then it will be permanently removed from the WordPress repository.
You can check if your plugin has been approved or rejected at
This is not an official WordPress email!
Clicking on the link will take you to a different site, that looks very much like WordPress.org, prompting you to enter your password. Do not enter your password!
Your plugins have not been removed from the repo, and if they had, the email would come from a wordpress.org account.
The emails so far have come from:
- From: WordPress.org <wordpress.plugins.mailATgmail.com>
- From: WordPress.org <wordpresspluginAThotmail.com>
If you’d like to report the emails to gmail and hotmail, please do.
The URL you’d be taken to if you clicked the link is
Clearly not the same URL. Looks like it’s been taken down, but people are still getting the email.
- The topic ‘WARNING: PHISHING ATTEMPT’ is closed to new replies.