Missing e is not the cause of recent account trouble some people are experiencing.
When logging in, some Missing e users are seeing the above screen, but it is also happening to people not using Missing e.
Sometimes, this can mean that your account has been accessed by someone without permission. Perhaps you have entered your password on a page that was actually intended to look like Tumblr, but was actually a phishing attack where someone uses a fake form to steal your password?
Change your password and keep it secure.
Above all, make sure that you only enter or change your password on a secure Tumblr page. Here is a Tumblr staff post on how to recognize secure Tumblr pages: http://staff.tumblr.com/post/15260097735/ev-cert
As I find out more, it appears that the problem may not be compromised passwords but a bit of a mixup on Tumblr’s end.
That link to a Tumblr tweet may point to removed tweet. Tumblr has since tweeted about this exact issue: https://twitter.com/tumblr/status/212702358604480513
While this has ABSOLUTELY NOTHING to do with Missing e, for anyone with these problems, here’s how to deal with it!
Why isn’t Tumblr doing anything about this?
Please note that this attack has absolutely nothing to do with the Missing e browser extension!
A while back there was a serious problem with a lot of blogs posting fake “staff” posts about Starbucks coupons or other spam-related things. That problem is still going on.
~ Why is this a problem? ~
This is pretty bad, considering many people on Tumblr are not exceeding tech-savvy. I mean, the thing looks legitimate. I wouldn’t be surprised if quite a few people have just given their passwords away because of this thing. Then, their blog theme is itself changed to continue propagating this phishing attack.
To be clear, you should never enter your password into any page that is not a secure Tumblr page. Here’s a staff post on how to recognize a secure page.
~ What should Tumblr be doing? ~
The script actually loads from a server in China (IP: 184.108.40.206), but beyond that I can’t really work out anything about who is behind it.
The real question I have is why Tumblr hasn’t done anything about this. Other than posting helpful information on recognizing secure Tumblr pages, they don’t seem to be doing very much! I would expect that it would be possible for Tumblr to prevent this script from actually running on themed blog pages, considering it can be traced directly to a malicious server.
I’m thinking about adding something into Missing e to get rid of these fake login boxes, but that doesn’t solve the problem by a long shot!
~ What to do if your account is a victim ~
If your blog is posting spam or your themed blog shows the fake login screen, you can fix it!
- First things first, change your password! When you do so, make sure the page you are on is a secure Tumblr page (how to recognize one)
- Second, if your blog has the fake login screen, you need to reset your blog’s theme!
- If that isn’t possible, you can go in and remove the offending code. It is a couple of lines near the bottom of your theme code that start and end with
<script>tags and has a bunch of code with seemingly random numbers and letters