I am the owner of a WordPress.org website. Recently we found a very odd-looking username and email with “Customer” status.
The Username is 158864774245df6c83538cfe947baff1c59f6d073b. The email is firstname.lastname@example.org. When doing a Google search of the entire email, nothing comes up. When doing a Google search of just dmail1.net it appears to be a real email provider.
When doing a Google search of @dmail1.net, a lot of links come up with words like spam, abuse report, etc.
When doing an email check on cleantalk.org, the results say it’s a real email, and check-mail.org lists this domain as Temporary/Disposable.
Nothing that looks good.
Anyway when we went to delete the @dmail1.net user, the next page asks ‘What should be done with content owned by this user?’ and you must then select one of two options: 1, Delete all Content. Or 2, Attribute all content to: with a text box next to it. That’s when we noticed that the text box has the username of one of our authentic customers in it. ???
We didn’t delete the email and starting looking around a little further. We realized if we click Delete under many, but not all of, the real users that the “Attributed to” text box is auto-populated with the @dmail1.net email – including three of the Administrator accounts. The whole thing is really weird. We’re unsure why only some Users are linked but not all.
We still haven’t deleted anything and just want to make sure that we don’t crash something with these linked user accounts. That probably wouldn’t happen but figured we should research this first and hopefully get some support.
Also interesting to note, we’ve noticed recently that the website began showing ads and have been unsure what’s causing it or how to get rid of them and are suspecting this implanted “User” may be the source.
Any insight and support would be very much appreciated! Thank you for your time.
The page I need help with: [log in to see the link]