It sounds as though someone might have an admin account to your site. Change all admin passwords and verify users. You can also change your WordPress MySql passwords as well.
I do not think anyone could have my password
The E-mails spam are for example:
kramerogolasemarcus@gmail.com
so4d@lcfshop.info
mcintoshmarcellus1@gmail.com
BuddyPress seems to be extremely vulnerable
In addition to Pisanojm’s advice about checking the integrity of your install, upgrade to the latest version of WordPress and BuddyPress.
Ok for the upgrade, but not something quick … I have many blogs, and upgrading to 3.0 gives me problems
I must try to solve the spam problem with the current version of wp / bp
I have had exactly the same problem. I have checked the integrity of my install as best as possible and even changed the admin passwords several times. WP and BP are always up to date but the spam never stops coming.
Its extrememly frustrating, the only solution that works for me is to to block all the countries where the SPAM originates from. Namely Asia, Eastern Block countries etc etc It works perfectly. But limits access to potential users from those countries.
What is seriously needed is something like Akismet but for user spam. I would pay Automattic a fee for an API key for this if my site were commercial. Perhaps they should really look into this problem because it crippling many WP sites and driving site admins to either go for custom solutions or the competition like Elgg
How did you restrict access to users in other countries?
what @zageek said… same here.
