Magento 1.9.1 and 1.9.3.7
Porto theme
We have 2 Magento installations each with multiple domains/websites. I have noticed recently in the CUSTOMERS –) MANAGE CUSTOMERS area that there are customers with Russian Email addresses there (they never bought anything just registered).
Why would someone do that and is there any kind of a security risk involved? Shall I delete those accounts?
We have had problems with being blacklisted on different blacklists recently even though we NEVER EVER sent any spam whatsover! Could this be connected?
UPDATE ON October 16th, 2018:
We now have 136 348 new accounts. I have activated the Magento CAPTCHA yesterday for both new accounts and Guest Orders but I don't think that worked as we have 700 new fake accounts today alone (and it's only 13:33 MST).
What else do I need to do to stop this? I am so desperate I'm even thinking to temporarily stop sending Emails after customer registers. Please help…
Best Answer
If your Magento doesn't support CAPTCHA or you don't want to active it, you can modify the validate() function (line 709) /var/www/app/code/core/Mage/Customer/Model/Customer.php to block http string in customer name: