Jump to content

curious search enquiry might be hacking attempt?

adtastichosting

By adtastichosting
in Using WHMCS

 Share

Recommended Posts

adtastichosting Senior Member

adtastichosting

Posted
Posted

We run web analytics on our site and notice searches being conducted from overseas in which the person searching is using google and their search string is:

"This order form is provided in a secure environment and to help protect against fraud your current IP address"

 

Of course, if you run this test you will see that all that comes up are WHMCS sites. Call me paranoid but that leads me to believe someone is specifically targeting WHMCS sites for what reason? Usually this means some type of hacking attempt and in such a case that a vulnerability has been discovered and someone is trying to exploit it.

 

We employ modsec and a good firewall and all kinds of other security precautions including renaming the admin area and I haven't found anything otherwise that leads me to believe any hacking attempt has been successful and maybe that is why and of course I believe that as things go WHMCS keeps up with its security and overall is a pretty secure program as far as that goes, but I simply find this very curious so thought I would mention it in case anyone else has any thoughts on this.

0
Link to comment
Share on other sites
  • WHMCS Support Manager
WHMCS John Senior Member

WHMCS John

Posted
  • WHMCS Support Manager
Posted

It's probably just a spammer/phisher looking for smaller hosting companies using WHMCS to automate account creation, so they can create an account and immediately start spamming/phishing before they are taken down.

 

I find a lot of spammers/phishers are also referred by searches for "instant setup hosting" for the same reason. The fraud modules will usually catch these guys out though.

0
Link to comment
Share on other sites
adtastichosting Senior Member

adtastichosting

Posted
  • Author
Posted
It's probably just a spammer/phisher looking for smaller hosting companies using WHMCS to automate account creation, so they can create an account and immediately start spamming/phishing before they are taken down.

 

I find a lot of spammers/phishers are also referred by searches for "instant setup hosting" for the same reason. The fraud modules will usually catch these guys out though.

 

 

Well good luck on that! I find that Maxmind catches 99% of them.

0
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated

  I accept