Hey everyone, I’m writing a post to be honest about what happened last night (Thursday 25th September).
As I’ve discussed with you before, I take security very seriously. However, in this case I took it too seriously.
I received an email from an address in my own email system that doesn’t even exist (firstname.lastname@example.org) – or so I thought, at least – which made me think a hack was in progress.
My procedure for a hack in progress is to take my server offline and investigate & remedy the issue without exposure to the Internet.
However, there was no hack. In fact, my website was never in any danger 🤦♂️ All that happened was something relatively routine.
Essentially, some person submitted a contact form, and all they actually did was enter a false address from my own email domain in the “email” field when they submitted the form and then I misinterpreted that because it shows as being “From” the address that the user enters.
However, if I’d have tapped “More Information” I would’ve seen that this is in fact, not true.
So there was no hack, it was just routine spam 🤦♂️ And for that, I shut my website down for 4 hours…. Oops.