Unlike comment emails, I recommend that all site owners pay attention to the user registration emails sent by WordPress. Why is this alert the most important? It’s not a guarantee that you’ll know when a spam account has been created on your site. However, this alert does help you keep tabs on who has access to your own site.
Hackers do have ways to create user accounts that don’t trigger these automatic email alerts. Don’t assume that you’ll always be warned when there’s a problem.
What user registration emails look like
In order to get these new user registration emails, you’ll need to make sure your settings are correct. Otherwise WordPress can’t alert you to any suspicious activity!
Once you’re logged in to your site, head to Settings > General. Check the Email Address set right below your URL. If it’s not an email address you use or have access to, change it + click the “Save Changes” button at the bottom of the page.
After you do that, you’ll get an email just like this one when a new user is created on your site. (By going to Users > Add New in the menu.) Whether you check the box to send the new user their password or not, this email will be sent to the email address in the general settings page.
You’ll be alerted to the site that the user was created on. Plus you’ll know the username + the email tied to the new user. That’s it. No password information, no notes about the role that they have, etc.
Odds are you created this user and can delete or archive the email. But if you didn’t, that’s your cue to investigate who made the account + why.
If your site uses a plugin that allows folks to register an account on your site, that would be the most likely second source of these emails being triggered. And some managed hosting companies (like us) create a hosting user to help out if there are problems with the site.