- Benjamin KentoppAsked on December 11, 2015 at 06:23 PM
Our company investigates computer crime incidents on behalf of banks and other companies.
A form receiver page was found to be operating on your network and targeting Yahoo customers. It is used to relay stolen financial information and redirects victims to the legitimate Yahoo site.
188.8.131.52 - us-sub2.jotservers.com
We kindly request that you disable or remove the form receiver script as soon as possible.
If we have contacted you in error, or there is a better way for us to report this incident, please let us know.
Thank you for your assistance,
PhishLabs Security Operations
- CharlieAnswered on December 12, 2015 at 10:02 AM
Thank you for reporting this to us.
I see that the form ID 51732420443547 is not anymore accessible. The account has also been suspended. We do not tolerate phishing activities as this is a clear violation of our terms and is illegal. Our management is doing its best to prevent people using our forms for this illegal activities, we have a team dedicated to manually check forms, and we also have an anti-Phishing system that scans thousands of forms regularly.
We appreciate your effort in reporting this to us, if you find similar forms, please do feel free to contact us again.