87
dfox
9y

Tonight I was getting ready to pay my monthly apartment maintenance bill so I Googled my property management company's name because I always forget the url. It's always the first result, but I noticed Google placed a little "This site may be hacked." line of text on their listing.

Seeing that before and knowing what it means, I went into the source for their index page, and to my suspicion, their WordPress installation was hacked with the standard invisible spam links.

I realize this happens to a lot of WordPress blogs, but this is an NYC property management company that is responsible for a lot of buildings and has millions of dollars in contracts. Normally I would inform them, but having dealt with them in the past I don't like them very much, but more importantly, I don't think they'd understand what I was saying because they are so technically inept. They might even think that because I found this, that I had something to do with it.

So devRant, it is up to you. What should I do?

Comments
  • 24
    Also, just to clarify so I don't sound like a douchebag, I don't think any personal data is at risk because all payments are made through a third party payment/bill processor.
  • 12
    @dfox send them a screenshot from Google and let it be I guess.
  • 5
    Can you bill pay from your bank or does your credit card company do those temporary one time use credit cards? Let the bank take the risk.

    Other than that, they should notice just as well as you can, if you want to be a good citizen inform the hosting company. One of my favorite restaurants was hacked a few years ago, so I called from my company phone to their corporate number they were happy to hear.
  • 8
    @eirabie I was thinking how long it could possibly stay there if no one told them lol. A year maybe? But then I thought, even if I do tell them they probably don't know how to fix it anyway and then it will be even funnier seeing how long it stays there.
  • 13
    @stickman good point. I'll send them an email. If their response is funny, I will surely post it here and it will make for great content.
  • 5
    @stickman I thought the story was gonna end like that... "and so I told them about it and now I don't have to pay maintenance for the rest of my life"
  • 8
    @P3t3r6 If that happens then I'll first plant a malware in my managements website and then report it 😂
  • 7
    Freelance opportunity? Lol if they say they don't know how to handle it, just casually drop your rate... ;)
  • 4
    @lreading haha!

    And as for the free maintenance... that would be the greatest thing ever. But I can see them not responding at all.
  • 6
    I say get some discount Viagra!
  • 2
    (receive update!)
  • 3
    But I am thinking about they guy who made that website....what will happen with him. The crony capitalist will make throw him/her out ? 🤔
  • 6
    Let them know they were hacked and send them some stress balls.
  • 3
    Send them an email but just watch out for the FBI kicking your door down?
  • 9
    Some good ideas here :) I'm sure they'd love a stress ball but really they have to earn that!!

    I sent them an email last night explaining what I found. No response yet, which is sort of expected because it is the weekend. I will update with their response right when I get one.

    If they don't respond Monday I'll follow up - this is important because it's kind of annoying knowing my maintenance money is now technically supporting viagra spam links seo.
  • 1
    @dfox
    Just talk to them, that's all you can do.
    / I deal with that every day
  • 4
    I actually got a response from the president of the company. He said "I have spoken to a web developer today to rectify the problem."

    Hmm, wonder how long it will take them to fix it. I think it might still be there next month when I go to pay the maintenance again :)
  • 4
    I know of a bank that uses WordPress...
  • 4
  • 1
    @dfox
    Propably not, they just have to fix the site and then request a new review from Google. It all takes 5 minutes or less, if the "Web Developers" know what they are doing.
  • 5
    @teXupport
    Well, wordpress itself is not the problem in most cases. The problem is usually plugins och themes that are badly written or unsupported
  • 1
    @Linux They have 34 plugins the last I talked with them. 😕
Add Comment