What is JotForm?
JotForm is a free online form builder which helps you create online forms without writing a single line of code. No sign-up required.

At JotForm, we want to make sure that you’re getting the online form builder help that you need. Our friendly customer support team is available 24/7.

We believe that if one user has a question, there could be more users who may have the same question. This is why many of our support forum threads are public and available to be searched and viewed. If you’d like help immediately, feel free to search for a similar question, or submit your question or concern.


  • Profile Image

    I would like to report a phishing form.

    Asked by Goncal Badenes on November 04, 2013 at 09:45 AM

    We are receiving the following phishing attack using your service. Please take the appropriate actions to avoid abuse:

     

    Return-Path: <SRS0=V01G=UN=arhc.gsf.nl=rberends@puc.rediris.es> Received: from ilv04.icfo.es ([unix socket]) by imap.icfo.es (Cyrus v2.4.16-Invoca-RPM-2.4.16-1.el6) with LMTPA; Mon, 04 Nov 2013 13:56:18 +0100 X-Sieve: CMU Sieve 2.4 Received: from ilv04.icfo.es (localhost.localdomain [127.0.0.1]) by ilv04.icfo.es (Postfix) with ESMTP id 79DAB3FB87 for <goncal.badenes@icfo.es>; Mon, 4 Nov 2013 13:56:18 +0100 (CET) Received: from elv02.icfo.es (elv02.icfo.es [10.50.1.9]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ilv04.icfo.es (Postfix) with ESMTPS id 6D0113F1D5 for <goncal.badenes@icfo.es>; Mon, 4 Nov 2013 13:56:18 +0100 (CET) Received: from pique.puc.rediris.es (pique.puc.rediris.es [130.206.18.3]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by elv02.icfo.es (Postfix) with ESMTPS id 5BA0A3F085 for <goncal.badenes@icfo.es>; Mon, 4 Nov 2013 13:56:18 +0100 (CET) Received: from [212.79.242.216] (helo=mail24-tower01.nl.cleanport.com) by pique.puc.rediris.es with esmtp (Exim 4.72) (envelope-from <rberends@arhc.gsf.nl>) id 1VdJhY-00009q-Fa; Mon, 04 Nov 2013 13:56:17 +0100 X-Envelope-From: rberends@arhc.gsf.nl X-CleanPort: VirusProtection X-Msg-Ref: mail24-tower11.nl.cleanport.com|49928689|1383567855|04-11-2013 13:24:15 X-Originating-IP: [212.67.182.205] X-VirusChecked: Checked X-VirusCheckedDate: Mon, 04 Nov 2013 13:24:15 +0100 X-VirusEngine: 8.2.12.136 X-VirusVDF: 7.11.110.214 Received: from (unresolved) ([212.67.182.205] HELO=mail.gsf.nl) by mail24-tower11.nl.cleanport.com (CleanSMTPd 1.6.8) with ESMTP id 52778773-0; Mon, 04 Nov 2013 13:24:13 +0100 X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01CED958.9CC4BFDF" Subject: Update and Re-activate your mailbox Date: Mon, 4 Nov 2013 13:23:05 +0100 Message-ID: <C7014E26E5399245B69FAC05C1438BE47F8890@GSF-MAIL-01.gsf.local> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: Update and Re-activate your mailbox Thread-Index: Ac7ZWJxZC0cKuvrATk6aHwVLUYpZYQ== From: "Roos Berends" <RBerends@arhc.gsf.nl> X-CTCH-IPCLASS: T1 X-CTCH-RefID: str=0001.0A0B0201.52779971.0062:SCFSTAT19183394,ss=1,re=-3.900,recu=0.000,reip=0.000,cl=1,cld=1,fgs=0 X-CTCH-VOD: Unknown X-CTCH-Spam: Unknown X-SPF-Received: 5 X-Spamina-Bogosity: Ham X-Spamina-History: valid X-Spamina-Service-Type: pyme X-Virus-Scanned: ClamAV using ClamSMTPThis is a multi-part message in MIME format.------_=_NextPart_001_01CED958.9CC4BFDF Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable=20 =20 Dear User,This is to inform you that your mailbox have exceeded its storage limit = set by the administrator. You may not be able to send or receive new = mail until you Re-activate your mailbox. To Update and Re-activate your = mailbox. Please Clickhere <http://form.jotform.co/form/33073129986866>=20Regards System Administrator------_=_NextPart_001_01CED958.9CC4BFDF Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable<HTML dir=3Dltr><HEAD>=0A= <META content=3D"text/html; charset=3Dunicode" http-equiv=3DContent-Type>=0A= <META name=3DGENERATOR content=3D"MSHTML 8.00.7600.16444"></HEAD>=0A= <BODY>=0A= <DIV dir=3Dltr id=3DidOWAReplyText37071>=0A= <DIV dir=3Dltr><FONT color=3D#000000 size=3D2 = face=3DArial></FONT>&nbsp;</DIV>=0A= <DIV dir=3Dltr><FONT color=3D#000000 size=3D2 = face=3DArial></FONT>&nbsp;</DIV></DIV>=0A= <DIV dir=3Dltr id=3DidSignature92239>=0A= <DIV dir=3Dltr id=3Dyiv8025027867idOWAReplyText83895>Dear User,<BR></DIV>=0A= <DIV dir=3Dltr id=3Dyiv8025027867idSignature93311><BR>This is to inform = you that your mailbox have exceeded its storage limit set by the = administrator. You may not be able to send or receive new mail until you = Re-activate your mailbox. To Update and Re-activate your mailbox. Please = <A id=3Dyui_3_13_0_1_1383564575530_4253 = target="_blank" href=3D"http://form.jotform.co/form/33073129986866" rel=3Dnofollow = target=3D_blank>Clickhere</A><BR><BR>Regards<BR>System = Administrator</DIV></DIV></BODY></HTML> ------_=_NextPart_001_01CED958.9CC4BFDF--

     

    Page URL:
    http://form.jotform.co/form/33073129986866

    JotForm meta size name
  • Profile Image

    Answered by khrisell on November 04, 2013 at 09:51 AM

    Hello,

    Thanks for reporting it to us. Upon checking the account, it is already have been suspended. 

    If you see the same form again, please do not hesitate to contact or report them to us. We have an automatic phishing detector in our server. However, they uses their knowledge to manipulate the form html code that is why they are able to bypasses the filter. 

    Thank you for raising this concern.