What is JotForm?
JotForm is a free online form builder which helps you create online forms without writing a single line of code. No sign-up required.

At JotForm, we want to make sure that you’re getting the online form builder help that you need. Our friendly customer support team is available 24/7.

We believe that if one user has a question, there could be more users who may have the same question. This is why many of our support forum threads are public and available to be searched and viewed. If you’d like help immediately, feel free to search for a similar question, or submit your question or concern.


  • Profile Image

    Fraudulent site - please shut down![Optimal Payments E1013628] Domain: myjotform.com

    Asked by rsa security  on July 20, 2014 at 03:46 AM

     

     

     

    Dear Team

    It appears that your website
    myjotform.com has been hacked by a fraudster. It is now hosting a phishing attack against Optimal Payments.
    Please remove the fraudulent folders/files as soon as possible and secure your website as it has been compromised.
    Please note that it is possible that the fraudulent content is embedded in your website's legitimate files.

    http://form.myjotform.com/form/41945472336560

    In addition, please send us any source files of the attack.
    Please let us know if you have any questions or need further assistance. We appreciate your cooperation.

    Best Regards,

    RSA Anti-Fraud Command Center
    RSA, The Security Division of EMC
    US Phone: +1-866-408-7525
    Email:
    afcc@rsa.com
    For more information about RSA's AFCC
    http://www.rsa.com/node.aspx?id=3348

     

     

    Dear Sirs:

     

    RSA, an anti-fraud and security company, is under contract to assist Optimal Payments Bank and its related entities in preventing or terminating online activity that targets Optimal Payments Bank clients as potential fraud victims. RSA has been made aware that you appear to be providing Internet Services to a fraudulent Web site, which is part of a “phishing scam”*. This activity violates Optimal Payments Bank copyright, trademark and other intellectual property rights and may violate the criminal laws of the United States and other nations.

     

    E-mail messages have been broadly distributed to individuals by a person or entity pretending to be Optimal Payments Bank. These e-mails use Optimal Payments Bank name and identity (including trademarks) without authorization. The e-mails request recipients to verify and submit sensitive details related to their Optimal Payments Bank accounts. Within the fraudulent e-mail message, there is a link that leads the recipients to a fraudulent website displaying Optimal Payments Bank copyrighted materials and trademarks. The fraudulent website is located at the following URL address http://form.myjotform.com/form/41945472336560 to which you provide services and which is under your control.

     

    The fraudulent website not only represents a misuse of Optimal Payments Bank intellectual property; its purpose is to improperly obtain personal information of Optimal Payments Bank customers in order to fraudulently access their bank accounts. The owners of those websites typically perpetrate identity-theft related activities, such as using customer’s credit cards or bank accounts without authorization. In addition, since the vast majority of all of the e-mails are not being sent to actual Optimal Payments Bank customers, the actions may serve to damage the reputation and image of Optimal Payments Bank.

     

    Please take all necessary steps to immediately shut down the fraudulent website, terminate its availability to the Internet and discontinue the transmission of any e-mails associated with this website.

     

    We understand that you may not be aware of this improper use of your services and we appreciate your cooperation. We specifically would ask that you also take the following actions: Please provide us with a tar/zip file of the source code for this site, so that we may analyze it to help prevent further attacks. If any customer data has been captured that is stored on your systems or equipment, please send us that data so that the customers to whom that data relates can be notified and take steps to protect their credit. Please provide a copy of any records you maintain that indicate the name, contact information, method of payment or similar information that may be useful in helping learn about the identity and location of the customer for whom the website has been operated.

     

    Thank you for your cooperation to prevent and terminate this fraudulent activity.

     

    Sincerely,

     

    RSA Anti Fraud Command Center
    Tel: +44(0)800-032-7751 (UK)
    Tel: +1-866-408-7525 (US)
    E-mail:
    afcc@rsa.com

     

    Title: Legal Counsel
    Name: Lana Rabinovitch
    Address: 3500 de Maisonneuve blvd. West, suite 700, Montreal, Quebec, H3Z 3C1
    Telephone: 514 – 380 - 2726
    E-mail: Lana.rabinovitch@optimalpayments.com

     

    *”Phishing" is an e-mail scam that attempts to trick consumers into revealing personal information, such as their credit or debit account numbers, checking account information, Social Security Numbers, or banking account passwords, through an imposter’s Web site or in a reply e-mail.

     



    40

     

    domain myJotForm site style size source name
  • Profile Image
    JotForm Support

    Answered by Welvin on July 20, 2014 at 09:15 AM

    Hello RSA Security,

    We are not hacked by someone, our servers are highly secured. We are a form builder and this form was created by someone to our system. It appears that this form was created yesterday. Our system has its own Anti-Phishing System and we guarantee that forms like this cannot escape and will be disabled later, the user will also get ban. Our team is also composed of a few individuals who manually check user forms and they are tasked to do this every day.

    We thank you for reporting this form, this helps us to make Jotform a phisher-free system. If you see the same form again, please let us know and well make sure to remove it from our system.

    As requested, here are the user information:

    Username: ribery7

    Email Address: fast_of_farious@hotmail.fr

    IP Address: 196.217.17.48

    That's all from our records. We do not collect a full name upon registration so we cannot give you that.

    Thanks