Thread

Hi EE,

One of my clients, http://www.ruralintelligence.com forward me a google alert:

Rural Intelligence | Credit Card Application
Rural Intelligence > Member List > Credit Card Application. Credit Card Application. Member Group: Members. View all posts by this member · Ignore Member ...
http://www.ruralintelligence.com/index.php/member/9064/

This link goes to a page that says that the page has been moved with a link to another site. I’m gathering that RI has been hacked. Can you help with what I need to do about this? I’m going through all the pending members and deleting them. Is there a way to find this and delete it asap?

Thanks,
Vanessa

Hi Vanessa,

This link http://www.ruralintelligence.com/index.php/member/9064/ does not seem to point to another site. It just shows that the member ID 9064 has been either deleted or banned by the site administrators. Unfortunately there is a fair amount of profile spam on the site and it might be these links that are generating the Google Alerts. This does not mean that the site has been hacked. You should at the very minimum set up member registration notifications for you and your clients so that you can monitor these registrations. In addition, there is a blog post and associated forum thread with a lot of information and ideas about how to combat profile spam.

Cheers

Greg

Thanks Greg. I did manage to figure out how to delete the member from the database, but I’ll definitely look at the information above to familiarize myself with other tools we can put in place.

Best,
Vanessa

Hi Vanessa,

Okay. Can you clarify something? I understand that you have deleted the member that would have been shown here http://www.ruralintelligence.com/index.php/member/9064/ but are you saying that before this member was deleted visiting this URL directly redirected you away to another site?

Cheers

Greg

No. For one brief flash of a second, you could see the member page (like this one: http://www.ruralintelligence.com/index.php/member/9063/) then it resolved to an almost blank page that said “This page has been moved. Click here.” with a link to another website. In fact the entire browser window was one giant hotspot. When I viewed the source code it had all this hidden text that was about credit card applications.

Thanks, Greg.

Time to delete that member too. 😊 Is everything OK now?

Hi Sue,

Yes.  :red: Other than the fact that I have to go through 3 years of members and decide who needs to be deleted!!  :ahhh:

Is there an easier way to find users that are spam besides going one by one through the member list? I have hesitated for a long time in deleting members that get activated because it’s hard to tell sometimes whether a username is legitimate through View Members in the Admin. Any suggestions?

Thanks, much!
Vanessa

Vanessa ,

I would advise against deleting members but banning them instead.That way they wont be back with any of those details. Have a look at Member Utilities which may speed up you user spam search and banning

Thanks, John Henry. I’ll definitely need this as there are some 8K members that need to get cleaned up.

Oy.

😊

So, does that solve it for you? Let us know if you need anything else, please.

Hi Ingmar,

Yes, it does. Please go ahead and close.

Thanks everyone!
Vanessa

Excellent. Please post again as needed.