Our new education hub at WordPress.com/learn has launched! No registration or purchase required.
WORDPRESS
A New Home for WordPress.com Courses – WordPress.com News
We’re excited to announce that our WordPress.com courses are now available at wordpress.com/learn, with no registration or purchase needed.
The world-class educational offerings available in the new learning hub include:
And there are more courses to come!
This learning hub also provides quick access to our live webinars (and replays) where you can join us for demonstrations, instructions, and Q&As. Get registered today for our March sessions:
Be sure to check the webinars page each month for new topics.
Finally, wordpress.com/learn allows for one-click access to our support documentation, forums, and YouTube channel.
It’s worth repeating: there’s no registration or login required to view any of our materials! It’s as easy as clicking the button below to get started today.
There’s never been a better time to learn the ins and outs of creating a new site, blogging like a boss, podcasting like a pro, and optimizing your content! Join us at wordpress.com/learn to get started on the path towards pursuing your dreams.
Join 97,591,492 other subscribers
WORDPRESS
5 Hidden Features of WordPress.com – WordPress.com News
Whether you’re a blogger, a developer, or fall somewhere between, you’re likely to discover something new and useful in this video.
Isn’t it amazing how you can learn new things about someone, even after years of knowing them? That’s how Jamie Marsland has felt in the last few weeks while diving deeper into WordPress.com’s capabilities. In today’s Build and Beyond video, he shares five incredible features built right into the platform that aren’t as well known as they should be. Whether you’re a blogger, a developer, or fall somewhere between, you’re likely to discover something new and useful.
Ready to build on WordPress.com? Start a free trial today:
Join 4.7M other subscribers
WORDPRESS
New WordPress.com Themes for March 2024 – WordPress.com News
Five of our favorite new themes.
The WordPress.com team is always working on new design ideas to bring your website to life. Check out the latest themes in our library, including great options for small businesses, sports fan, nostalgic bloggers, and more.
Feelin’ Good is a vibrant (to say the least!) blog theme with a bold vaporwave aesthetic. Its nostalgic atmosphere pays homage to the daring, over-the-top visual art and advertisements of the ’80s and early ’90s. We’ve combined a lot of elements that shouldn’t work together, but do. If you’re looking for a dynamic, attention-grabbing, eye-popping visual feast of a theme, try Feelin’ Good.
Click here to view a demo of this theme.
Low Fi is a simple blog theme featuring a narrow column layout that’s optimized for seamless browsing on mobile devices. With six style variations, you’re sure to find a palette you’re drawn to. Taking inspiration from the lo-fi beats music scene, the theme’s design cues, such as the square header image, offer a nod to album artwork.
The overall aesthetic is deliberately understated, with each element—from the muted color schemes to the textured background—crafted to evoke a sense of nostalgia and warmth.
Click here to view a demo of this theme.
Cakely is the ultimate WordPress theme designed specifically for passionate bakers, cake enthusiasts, and dessert lovers. Tailored for small businesses aiming to shine in the world of sweets, Cakely effortlessly combines style and functionality to showcase mouthwatering creations. Its vibrant pink color scheme exudes joy while maintaining a classy, clean layout with easy navigation. This theme ultimately strikes the perfect balance between professionalism and playfulness, making it an ideal choice for showcasing your delicious masterpieces.
Click here to view a demo of this theme.
Treehouse is a carefree, fun, and friendly theme ideal for Woo stores selling children’s products. With its unlimited customization options, Treehouse enables you to set up an online shop with just a few clicks. Utilizing a soft color palette, playful design details, and simplified layouts, your site will attract a wide range of customers, from young parents to over-the-moon grandparents. This theme is fully responsive and cross-browser compatible.
Click here to view a demo of this theme.
Major League Baseball’s 2024 season kicks off on Thursday, March 28. What better way to show your home team the love it deserves than with a baseball-themed fan site! With a somewhat old-school layout, this theme evokes some of the classic sports sites of the ’90s, back before fantasy leagues took over. The header and accent colors are customizable, ensuring that your favorite crew is properly saluted.
Click here to view a demo of this theme.
To install any of the above themes, click the name of the theme you like, which brings you right to the installation page. Then click the “Activate this design” button. You can also click “Open live demo,” which brings up a clickable, scrollable version of the theme for you to preview.
Premium themes are available to use at no extra charge for customers on the Explorer plan or above. Partner themes are third-party products that can be purchased for $79/year each.
You can explore all of our themes by navigating to the “Themes” page, which is found under “Appearance” in the left-side menu of your WordPress.com dashboard. Or you can click below:
Join 4.7M other subscribers
WORDPRESS
How to Get Started: Investigating Payment Gateways Online
When investigating a website, app, or online shop, one of the key questions you may need to answer is ‘How are they making money?’
Investigating the financial transactions of an organisation can reveal details about its connections and funding. Furthermore, if the website or app is engaged in illicit transactions, tracing the payment gateway can help achieve accountability by identifying what sites they are using to earn money. Bellingcat has looked into the payment processors in previous investigations on far-right merchandise, Britain’s far-right influencers, and non-consensual deepfake pornography.
Payment gateways are a technology that takes a customer’s payment information, checks it with their financial institution, verifies that the transaction is legitimate, and then completes the transaction. As explained by Forbes, online stores need a payment gateway to be able to facilitate payments. Companies including PayPal, Stripe, and Square are commonly used as a payment gateway for online purchases.
Most mainstream payment gateways (like Stripe and PayPal) prohibit their services from being used in illegal transactions including the sale of illegal drugs, the promotion of hate or racial intolerance, and non-consensual adult content. Finding evidence that someone is violating the Terms of Services of these companies – and how they are doing so- can lead to the closure of loopholes and accounts. It can also provide additional information about an organisation’s revenue streams.
It is nearly impossible to conduct online transactions without a payment gateway. So it should be possible to find the payment gateway of an organisation earning money, even if it is not obvious at first. One resource that is extremely useful is Chrome’s built- in developer tools (other browsers also have similar tools). Below we’ll provide an overview of the tools to use and questions to ask when scrutinising payment systems.
How are they Taking Payment?
For online transactions, you’ll typically see websites accept traditional forms of payment including credit cards, debit cards and, more recently, cryptocurrency. Since cryptocurrency is not subject to the same regulations as traditional financial systems, cryptocurrency is often used to process payments for illegal services. Since this does not need to be ‘hidden’, websites will usually disclose which currency they accept and how to transfer funds into a crypto wallet. There are other ways you can track funding through cryptocurrency, as discussed in this guide.
If none of the above apply? Other sites that use a payment gateway will accept money directly via credit card payment, bank transfer, or through peer-to-peer payment apps (i.e., PayPal, Cash App, Zelle). If this is the case, you should be able to identify the payment gateway being used. In the case of the peer-to-peer apps, these services may be used by businesses and not just individuals’ transactions. They also require a bank account or credit card to use them. It is helpful to view transaction options on both the mobile app and web browser, in case the options differ. It is also worth checking the currency that payments are being taken in – if it is a US website taking payment in a foreign currency, that can also provide clues. Further, if a website is using different payment gateways depending on the currency, this can lead to additional leads in your investigation. Payment options may also change depending on what IP address you are using. In other words, setting your IP address in the UK and then changing it to the US may result in different payment gateway options.
Where are they Soliciting for Payment?
Organisations may solicit for payment via a website or a messaging app like Telegram. It is important to investigate all avenues where payment is being requested as each method may provide different clues for your investigation. For example, for some of the AI deep fake services we investigated here we found that companies would accept different payment methods depending on how you tried to pay – via their website, via a web browser or via Telegram. Sellers may want to direct their users away from their website to more private forums such as Telegram to facilitate transactions and avoid detection.
Is the Organisation Trying to Hide How Payment is Taken?
For some sellers, using a mainstream payment gateway may violate the terms of service of that company. To be able to use their services, these sellers may try to hide the nature of their goods from the payment gateway company.
A Walk Through Example
Some sites may not show their payment options without signing up first.
This was the case with the Nudify.VIP site which offers non-consensual AI Deep Fake pornography.
Initially, the website states that their services are free.
“With our service you can undress any person in a photo absolutely FREE!”
However, this is misdirection, as you are then prompted to log in or sign up. Only once you create an account do you discover that you need to pay to access the service and how much it costs.
You are then presented with an option to pay via crypto or via credit card, but it does not yet say what cards they accept or what payment gateway they use.
Clicking through to ‘Go To Payment’ gives us a new screen that lets the user pay via credit card (ie MasterCard, Visa), a US Bank account (ie Wells Fargo, USAA), or through Cash App.
There is no indication of the payment gateway they are using, but if we look at the URL on the checkout page, we can see that it no longer says that we are on a Nudify.VIP domain. This is a clue that users are being directed to the checkout page through another website. This method is used to hide the true source of purchases from payment gateway providers. There’s another clue that the domain has changed- in the fine print at the bottom of the checkout page. Via the Checkout Page using either Cash App or credit card options, it discloses:
“By providing your card information, you allow aiphotos.art to charge your card for future payments in accordance with their terms.”
This is another clue that the payment gateway does not know this belongs to an AI Deep fake service Nudify.VIP.
Use Browser Developer Tools to Investigate Further
All modern browsers have some form of built-in developer tools. You can search online for your specific browser (e.g. Firefox, Chrome, Safari). If you are in Chrome, you can right-click anywhere on the screen to get a menu and an option to ‘Inspect.’ You can also use keyboard shortcuts which can vary between MacOS or Windows. For Windows, you can click CTRL + SHIFT + I and on MacOS you can click Option + Command + I on your keyboard. Any of these actions will open the developer tools which allows you to view the code of a webpage (such as HTML, CSS, and Javascript). This should appear on the right-hand side of your screen. While developer tools are designed to check for bugs or errors in a website, you can use them in your investigation.
There should be a list of tabbed options for you to view on the top menu bar. Clicking on ‘Sources’ shows you all the resources that the website is using.
This is a good place to start to look for any clues about what piece of code is being used in the checkout process. In the example below, one of the listed sources on the page is titled ‘js.stripe.com.’
Googling ‘“js.stripe.com” brings up documentation from the company, Stripe.
The documentation shows that ‘js.stripe.com’ is Stripe’s JavaScript library which is the code needed to facilitate payment processing.
This confirms that Stripe is the payment gateway being used by Nudify.VIP. In this case, Stripe was the payment gateway that facilitated transactions via credit card, US banks, and Cash App.
Using Browser Developer tools and following these simple steps, we were able to learn that Nudify.VIP created a decoy website to which they were redirecting their credit card payments to make Stripe think they were processing sales for a company called “Aiphotos.art.”
As you investigate payment gateways, you can begin to recognise the Javascript libraries used by companies.
Rummaging around the ‘Sources’ tab via the Google Chrome Inspect tool is a useful starting point to find out details about what sources a seller or organisation is relying on to run its website and process payment.
For example, we investigated the payment gateway for a candle company, Patriot Candle Co. At first glance at the Sources tab, it may look like they are only using WordPress related scripts. WordPress is one of the most common website building tools available. However, if you click through to expand the contents of the folders, in this case, if you click ‘wp-content’ and then click ‘plugins,’ we see a few libraries using ‘woocommerce.’ WooCommerce is WordPress’s open source payment gateway.
Some sites may have multiple payment gateways, so it is important to investigate the entire site and all the sources being used on the website.
A Few Minutes Research, Rich Rewards
We have outlined some very simple steps that take only a few minutes of work and produce clear leads for an investigation. In the case of Nudify.VIP, we were able to show the company had created a decoy website to which they were redirecting their credit card payments in order to make Stripe think they were processing sales for a company called “Aiphotos.art.” Stripe shut down the account, when we contacted them about it. It may take only minutes to go through this process, but it can provide important starting points for your investigation.
Bellingcat is a non-profit and the ability to carry out our work is dependent on the kind support of individual donors. If you would like to support our work, you can do so here. You can also subscribe to our Patreon channel here. Subscribe to our Newsletter and follow us on Instagram here, X here and Mastodon here.
-
SEO7 days ago
Contact Us Page Examples: 44 Designs For Inspiration
-
SEARCHENGINES7 days ago
Daily Search Forum Recap: March 22, 2024
-
PPC7 days ago
Mastering Lead Generation in Paid Search Advertising
-
SEARCHENGINES3 days ago
Daily Search Forum Recap: March 25, 2024
-
AFFILIATE MARKETING7 days ago
Legendary Marketer Accused of Misleading ‘Side Hustle’ Ads
-
MARKETING6 days ago
The 5 Best AI Relationship Chatbots in 2024 + How They Work
-
SEARCHENGINES6 days ago
Google Spam Update Done, Patience With Core Update, Helpful Content Recoveries, Yahoo Search Coming & New Head Of Google Search
-
AFFILIATE MARKETING3 days ago
27 Passive Income Ideas to Make Money & Build Wealth in 2024