WPLift is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission.

Weekly WordPress News and Updates: Don’t Fall for Fake WordPress Security Team Emails !

Last Updated on December 28th, 2023


WordPress users, beware of a new scam that tries to trick you into giving away your login credentials and other sensitive information. The scam involves an email that claims to be from the WordPress Security Team, asking you to update your WordPress core files to fix a critical vulnerability. The email contains a link that leads to a fake WordPress login page, where the scammers can steal your username and password. The email also contains a malicious attachment that can infect your computer with malware.

This is a phishing attempt that exploits the trust that WordPress users have in the official WordPress team. The WordPress Security Team never sends unsolicited emails to users, and never asks for login details or personal information. The WordPress Security Team also does not attach files to their emails, and always uses the wordpress.org domain for their communications.
If you receive such an email, do not click on any links or open any attachments. Delete the email immediately and report it to your email provider. You can also report it to the WordPress Security Team by forwarding it to security@wordpress.org.

Stay Safe and Happy WordPressing 🚀

// Team WPLift




A team of WordPress experts that love to test out new WordPress related software, WordPress plugins and WordPress themes.