I just rehosted a site for a client, and am now receiving emails from the site stating I’ve recently requested to have the administration email changed. I didn’t request it, and I’ve deleted the account the former admin could have used to log in. I’ve also changed all other passwords, and the host has changed.
This is the second time this has happened. The first time, I tried clicking the link to see if it would tell me the proposed new email that was requested, but instead it just authorized the change. And I couldn’t change it back, because the confirmation email went to the new, unauthorized email. So I changed it directly in the database and now know better than to click the link.
I am trying to figure out how these emails are being generated…any ideas? Email I’m receiving is below.
You recently requested to have the administration email address on
your site changed.
If this is correct, please click on the following link to change it:
You can safely ignore and delete this email if you do not want to
take this action.
This email has been sent to [current admin email]
All at sitename