Text Size Default Text SizeDefault Text Size Large Text SizeLarge Text Size Largest Text SizeLargest Text Size Print Print this Page

Phishing through Web Form Hosting Services

There are many online web services that will host web forms that you create.  These forms can be used for many purposes including phishing.  All of the services have appropriate use terms that prohibit making phishing forms, but none can effectively prevent those forms.  They rely on user complaints to alert the service administrator of the abuse.  A phisher can often collect enough passwords before a complaint gets processed.

At Longwood, we have created an email processing rule that detects URL's from these web services but cannot tell whether the suspected URL goes to a form that collects personal information or a legitimate use of the web form hosting service.  A warning is added to the beginning of the messages with supsect URL's, and these messages will be delivered through the Spam Quarantine messages.  If you see the warning, you should carefully consider what the form is for before you respond as the sender requested.

These are the form services that we watch for: 

*.0ad.info *.1eko.com *.adobeformscentral.com *.atwebpages.com
*.bravesites.com *.byethost.com *.cabanova.com *.coffeecup.com
*.contactme.com *.dasfree.com *.formbuddy.com *.formpl.us
*.formstack.com *.hostingsiteforfree.com *.i-m.com *.jigsy.com
*.jimdo.com *.logiforms.com/formdata/ *.mooform.com *.noads.us
*.pandaform.com *.pastehtml.com *.phpforms.net */phpform/use/
*.survsoft.com *.t15.org *.tripod.com *.the-webmail.com
*.twomini.com *.ucoz.* *.webnode.com *.webs.com
*.websitewizard.com *.wufoo.com *.xtgem.com *.yolasite.com
  *.zohosites.com *.zyro.com