Formspree is a service that takes HTML form submissions and sends the results to an email address.
It can be used by threat actors building "serverless" phishing pages i.e. where they don't have a backend server that can send emails or store logs.
title: Exfiltration using formspree.io
description: |
Formspree is a service that takes HTML form submissions and sends the results to an email address.
It can be used by threat actors building "serverless" phishing pages i.e. where they don't have a backend server that can send emails or store logs.
related:
- id: getform-io
detection:
formAction:
html|contains: "action=\"https://formspree.io/f/"
condition: formAction
tags:
- exfiltration