Email sent out “from” POPAI late Tuesday Nov. 22 triggers an audit of our website code

POPAI on 11/23/2022 by Karen Oeding

Last night someone that wasn’t me activated one of our old code pages to send out an email to everyone in the POPAI Member Database regarding some news posts. I’m sorry for the extra and unnecessary inbox message you received. It looked different from our normal Monday Morning emails without our branding and links.

I consulted with our hosting company and can report to you that it did not contain malware or result in anyone getting our email addresses because it came from the address indicated in the code and there are no links or weird addresses in it. I am treating this as if it was a human intentional action because there is no date or timing code in it.

It is of course disconcerting.

I’ve taken the following actions to prevent this from happening again:

  • Troubleshooting #1 was to remove every code page that included the words I saw in the email about the articles being posted. I did this within 10 minutes of logging in and discovering the problem: thanks find and replace. 
  • Troubleshooting #2 was to look at our database and records to make sure it’s not compromised. Thanks daily backups – everything is the same now as it was when I closed up for the day.
  • Troubleshooting #3 was to replace these exact pages with fake ones that have tracking code and nothing that can email us all to see on my analytics if the pages themselves are being accessed.

Thanks to the members who reached out to me with this weird behavior – I need to know about it and although I could see it had happened and got one too I value your interaction with me.

Any concerns can be directed to me at