Phishing Emails - Security Concerns

  • Nichole
    Asked on June 26, 2017 at 7:47 AM

    Hello,

     

    I received the Phishing email below and although the email address in the header says it's from JotForm - the real mailer is:  reply@abouthyper.net  This is of significant concern to me.

    *************************************

    Phishing Emails Security Concerns Image 1 Screenshot 30
    JotForm <noreply@jotform.com> Jun 23 (3 days ago)     to rollo04
    Phishing Emails Security Concerns Image 2 Screenshot 41
    Why is this message in Spam? We've found that lots of messages from jotform.com are spam.  Learn more
    Hi,

    Your password was reset using the email address reply@abouthyper.net on Thursday June 22, 2017 at 05:50am.


    Operating system: Windows
    Browser: Chrome
    IP address:  74.204.10.15
    Estimated location:  Brandenburgische Str 14, 55278 Hahnheim Germany



    If you did this, you can safely disregard this email.
    If you didn't do this, please contact us by replying to this email for more informations


    Don't recognize this activity?
    A malicious user might have your password. Please Contact us. we'll review your recent activity and help you take corrective action.


    Why are we sending this? We take security very seriously and we want to keep you in the loop on important actions in your account.
    We were unable to determine whether you have used this browser or device with your account before. This can happen when you sign in for the first time on a new computer, phone or browser, when you use your browser's incognito or private browsing mode or clear your cookies, or when somebody else is accessing your account.


    Thanks,
    Security Team
  • WilliamR
    Replied on June 26, 2017 at 9:34 AM

    I'm afraid the email was coming from a spammer who is using us, Jotform, to send out spam messages to random gmail, yahoo and aol addresses. We have suspended the user to prevent him from sending out more spams. We are sorry for all the troubles, and you can safely ignore the email you received. Rest assured that, no data were compromised during this incident. Should you have any other concerns, feel free to contact us anytime.

  • Nichole
    Replied on June 26, 2017 at 10:43 AM
    Thanks! Just wanted to be sure you guys were aware.
    ...
  • leahweiner
    Replied on June 26, 2017 at 11:16 AM

    I am getting these emails about once a day as well.

  • Kiran Support Team Lead
    Replied on June 26, 2017 at 12:41 PM

    @leahweiner,

    We are sorry for the inconvenience this may have caused. I see that the issue is already being addressed on a separate thread https://www.jotform.com/answers/1183652- by our colleague. We believe that the other email should also be from the same spammer. However, the issue has already been taken care by our backend team. However, since you mention that you have received another email, we request you to provide us with additional information on the other thread so that we can investigate the issue further.