Has our webflow platform been hacked?

Hi guys,

this morning we’ve had 2 clients report that they’ve received emails (through the webflow form submission) telling our clients that their website has been hacked and they’re asking for ransom (in bitcoin).

Has anyone else experienced this? We’ve litterally had 2 clients report the exact same thing in a single morning.

Can anyone provide any advice / insight?

2 Likes

Sounds like a scam. They received it through the form which is open to the public I assume.
What exactly is being held for ransom? Do the submissions reference the user’s login name or credentials? Are there sensitive documents on the site?

We got the same email through the Webflow form submission. I’d say it’s a scam attacking webflow sites. I was looking for a way to report to Webflow when I cam across your post.

The Webflow Designers Global facebook group, twitter, etc have tons of these, it’s just a big scam push from appearances.

Thank you for reporting the issue.

This is a spam email sent via the website forms. Please ignore the email as all information in that email is completely false. We recommend enabling Google reCAPTCHA on all forms: (Add a reCAPTCHA field | Webflow University)

Hi… I received the exact same email this morning. Same request and threat.

I had a client with the same message.

Here’s an interesting wrinkle: She no longer is receiving form submission notifications from that form. The info is captured, but she doesn’t get an email with the info. It’s like it’s going to someone else.

I couldn’t fix it, so I added a brand new form and tested that—everything worked perfectly as it should.

So I am deleting the old form and using the new one.

@matthewpmunger there may be something else more nefarious going on with these hacks beyond just the seemingly phoney email threat. Or it was just a wonky form.

Also, I’ve noticed that there is seemingly no way to get in touch with Webflow support directly right now. I just am redirected over and over again to the forum search page.

@suzanne - There is no form processing outage or incidents indicated on the WF status pages at this time.

So the cause is more likely to be related to the email being flagged as spam in the client’s mailbox or due to an unsubscribe.

Yup, about 5 different Webflow sites that we host have ALL started to receive 2 to 3 spam emails per-day with the same awful spam. It’s so weird because this has never happened before. It only started about a week ago, but since then it’s been a nightmare - even with Captcha installed. They seem to specifically be targeting Webflow site forms… WF team, can you address this?

1 Like

also experiencing this

The team is currently investigating spam or phishing attempts sent through Webflow forms on sites.

You can contact support@webflow.com if you’d like to share specific details about your site.

Everyone should be aware that anyone can manually fill out a Webflow form with spammy content. Webflow does not provide anti-spam on form submissions but may be able to mitigate bot traffic. If you want that then you need to use a third party provider that has that option. Plus reCAPTCHA is only helpful in blocking some bots, not all.

I use honeypot fields (hidden fields that when filled trigger a rejection), Askimet, and reCAPTCHA with my form provider of choice (usebasin.com). For apps I build I use the above but substitute Cloudflare Turnstile (HINT HINT WEBFLOW).

Update

This appears to be a targeted spam email sent through website forms. Please ignore the email, as all information in that email is completely false.

Our security team is actively investigating these incidents. We assure you that your website is safe.

1 Like

Attention
If you believe you or your client received a spam form submission, please forward the email to form-spam-reports@support.webflow.com

We’re also getting a ton of spam as of the last week on all of our client sites (and our own), including those threat ones. We’ll be adding recaptcha to every one this week, but so strange that there was been up uptick on most of our Webflow sites (30+ live ones)