Fake signups: What to Do
Some users report fake signups, which is rare, but it happens.
MailPoet implements preventive measures to by default to prevent bots from subscribing to your newsletters. This said, you can take steps to help protect your site.
Determine the source signups
Most of the time, these don't come from MailPoet's forms. So you should look for these:
- See in your WordPress Comments > Spam if the email addresses there match the signups in MailPoet;
- Check your WordPress users for any suspicious users, possibly with the same email addresses;
- Check in your database, with phpMyAdmin, if there are no hidden WordPress users (common hack);
- Check in your database, in the table "..._mailpoet_email" if there are any suspicious email addresses.
Steps to prevent fake signups
- Enable signup confirmation in your MailPoet > Settings > Signup Confirmation. This option is turned on by default. When using MailPoet Sending Service, signup confirmation is mandatory;
- Add a Captcha to your subscriptions forms;
- If you enable sign-ups in the comments (MailPoet > Settings > Basics): enable Akismet or similar anti-spam for comments;
- Install the anti-spam plugin WP-SpamShield.