What is JotForm?
JotForm is a free online form builder which helps you create online forms without writing a single line of code. No sign-up required.

At JotForm, we want to make sure that you’re getting the online form builder help that you need. Our friendly customer support team is available 24/7.

We believe that if one user has a question, there could be more users who may have the same question. This is why many of our support forum threads are public and available to be searched and viewed. If you’d like help immediately, feel free to search for a similar question, or submit your question or concern.


  • Profile Image

    Staff:A criminal intruder has placed a fake login

    Asked by IID SIRT on May 10, 2011 at 04:42 PM


    Staff:

    A criminal intruder has placed a fake login page (phishing web site) on the jotform.com web site targeting "" customers for the purpose of Credit Card Fraud and Identity Theft.  The phishing site is located at:

    URL:http://www.jotform.com/form/11283440450

    IP Address: 174.34.48.212

    I am a Fraud Analyst with the company called "Internet Identity" located in Tacoma, Washington in the United States.  I am contacting you on behalf of "" because you are listed as an administrative contact for this web site. If that information is out of date, please direct this request to the appropriate individuals.

    Please have the Network Administrator secure the server to prevent further abuse for criminal purposes.  Have the Network Administrator contact us when the files have been removed so that we can update our client and deactivate this incident.  The case number should be below.  If you have questions, please contact us.  Our business operates 24/7/365 and we can be reached by telephone, fax or E-mail


    Thank you.

     

     

     


    --
    IID -- on behalf of
    Actively Securing the Extended Enterprise

    E-mail: alert@internetidentity.com
    Office: +1.253.590.4100 | Fax: +1.425.699.6597

  • Profile Image
    JotForm Support

    Answered by abajan on May 10, 2011 at 04:49 PM

    Thank you for drawing this to our attention, IID. The user's account has been suspended and the form disabled. Also, the principals at JotForm will be notified.

    Thanks again.

  • Profile Image

    Answered by FMP on February 05, 2013 at 02:16 AM

     

    Name: IID SIRT
    E-Mail: alert@internetidentity.com
    Subject: URGENT: domahidimusic.com has been compromised
    Message: Dear Website Administrator,

    We are contacting you to report that your website domahidimusic.com has been compromised and fraudulent content targeting our client Chase Bank has been placed at:

    http://www.domahidimusic.com/wp-admin/network/chase/index.html


    IP Address: 37.43.44.114

    A criminal has placed this fake login page for the purpose of credit card fraud and identity theft. Please remove all files related to this attack and take action to secure your website.

    We are an Internet security company located in Tacoma, Washington. If you are unable to resolve this problem yourself, please contact your webhost for assistance.

    We also request that you sequester any data related to this compromise which could include phishing kit files, source code, log entries of access to the server for the site, connections to upload or download data to the site, or records of the account being created. If provided to us, we will forward this information on to our client.

    We can be reached 24/7 at the contact information below if you have any questions. We greatly appreciate your prompt attention to this issue and request that you advise us regarding what actions you take.

    Regards,

    Security Incident Response Team
    Phone:
    Website:



    Sender IP: 64.122.169.98 - Referer: www.foxyform.com

    You are receiving this e-mail message because you have registered a contact form at www.foxyform.com

  • Profile Image
    JotForm Support

    Answered by EltonCris on February 05, 2013 at 05:15 AM

    Hi,

    This seems to haven been resolved already. Also, It would be best to addressed the second concern to foxyform support since they have the full control of the reported phishing form.

    Thanks!