Spam Contact Submission from Hacked Page

SOLVE
New Contributor

Recently our website got affected by the Japanese Keyword hack. We cleaned up the site but somehow received a contact form submission from an unknown url which seems to be from hacked source. How does Hubspot allow generating contacts from hacked pages? Need to resolve the issue.

 

Here' the screenshotScreenshot 2019-09-16 at 10.27.33 AM.png

Reply
0 Upvotes
1 Accepted solution

Accepted Solutions
Highlighted
Community Manager

Hi @khushboo ,

 

That submission appears to have been sent to the v2 form submission endpoint; if you or your team aren't actively using that endpoint to send form submissions, then I would expect this to be a spam submission. The best way to block these submissions is to clone the form, replace the old form with the new form, and delete the old form. Since the new form as a new unique form ID, the spam submissions will no longer be accepted.

Reply
0 Upvotes
4 Replies 4
Community Manager

Hey @khushboo,

 

I'm not 100% clear on all the details just yet, but the Form Submission API is a publicly accessible endpoint. If your website was hacked & someone got access to your portal ID & form ID, it's possible for them to submit form submissions to that form. If you can give me a link to the contact in question (and/or the form) I'm more than happy to take a closer look.

 

Also, if you prefer, you can delete the existing form and replace it with an identical new form, which will have a new ID (therefore preventing submissions to the old form with the compromised ID).

Reply
0 Upvotes
New Contributor

Hi Derek,

 

Thanks for reverting. Here's the link to contact workflow - https://app.hubspot.com/contacts/107458/contact/12107041/

 

Let me know the solution when you can find it.

 

Regards,

Khushboo

Reply
0 Upvotes
Highlighted
Community Manager

Hi @khushboo ,

 

That submission appears to have been sent to the v2 form submission endpoint; if you or your team aren't actively using that endpoint to send form submissions, then I would expect this to be a spam submission. The best way to block these submissions is to clone the form, replace the old form with the new form, and delete the old form. Since the new form as a new unique form ID, the spam submissions will no longer be accepted.

Reply
0 Upvotes
New Contributor

Thanks Derek

Reply
0 Upvotes