I helped a friend of mine set up a WordPress site for her community group on a free web host. I added some plug ins for calendar, web form to send email to the group, and links to Soundcloud. No blog posts or commenting allowed right now.
She's saying that someone in her group had a 'phishing incident' after visiting the website. I don't have any more details than that. Is this possible and does anyone here know what this might be about? How can I prevent this from happening? I work in IT but not web development so I don't have a lot of knowledge on this subject. I thought I was doing her a simple favour, but it's just causing headaches at this point.
Thanks for any advice. I tried searching the subreddit and I'm currently going through the 'Been hacked' part of the Wiki but wasn't sure it would help me.
No way near enough info to say for sure, but “free host” raises major red flags to me.
Nothing is ever free.
Regardless, unless this person submitted information to the site that was used for the phishing, it has nothing to do with one another.
This sounds like every time I help family and friends with anything IT or web related. “Ever since you fixed my router, my computer’s mouse has been disconnecting”.. etc