Scoutinternal

JFSA Format RCA Requests and SMS Spam Ticket Handling

JFSA Format RCA Requests and SMS Spam Ticket Handling

Problem

This cluster covers two distinct categories of inbound tickets: (1) legitimate requests from JFSA-regulated clients for formal Root Cause Analysis (RCA) documents related to BitGo service degradation or transaction-processing incidents, and (2) a high volume of automated spam tickets submitted through an external SMS/Freshdesk form (https://moneysms.freshdesk.com/support/tickets/new) that appear as nonsensical, machine-generated subject lines and descriptions. Both ticket types are routed into the support queue and require triage to separate actionable requests from noise.

Diagnostics

  • Check the ticket source/origin URL: Spam tickets in this cluster originate from https://moneysms.freshdesk.com/support/tickets/new. If the ticket was submitted through this external form rather than a known BitGo customer channel, flag it as suspected spam.
  • Inspect the subject and problem fields: Spam tickets exhibit a consistent pattern — subjects and descriptions contain randomized alphanumeric strings (e.g., subject prefixed with a repeating identifier pattern followed by random uppercase characters). Legitimate JFSA RCA requests reference specific incidents such as "Degraded service" or "Issue processing ETH transactions."
  • Verify the Salesforce case reference: Legitimate tickets carry a Salesforce case number (e.g., SF#00087357, SF#00087539) tied to a known customer account. Spam tickets also carry SF numbers (e.g., SF#00198304 through SF#00198351) but these are auto-generated in rapid succession (seconds apart) and are not linked to real customer interactions.
  • Check creation timestamps: Spam tickets are created in rapid-fire bursts — often one every 1–2 seconds from the same creator ID. Legitimate JFSA requests are isolated, individually authored tickets.
  • Confirm requester identity: Verify whether the ticket creator corresponds to a known JFSA-regulated client or an internal escalation. Spam tickets share a single automated creator ID with no corresponding customer account.

Resolution

Scenario: sms-httpsmoneysmsfreshdeskcomsupportticketsnew-submit-money#spam-bulk-tickets

Trigger: Tickets arrive in rapid bursts with randomized alphanumeric subject lines and descriptions, originating from an external Freshdesk SMS form.

Signals: moneysms, freshdesk, randomized subject, bulk creation, 1-2 second intervals, nonsensical description, external form submission, spam

Steps:

  1. Identify the batch by filtering tickets created within the same short time window (e.g., dozens within minutes) that share the same creator ID and the characteristic randomized subject-line pattern.
  2. Confirm the tickets contain no legitimate customer content — subject and description fields are random character strings with no recognizable request.
  3. Mark all identified spam tickets as spam or close them in bulk with a resolution of "Spam — no action required."
  4. If the volume is significant or recurring, escalate to the engineering/IT team to investigate whether the external form endpoint (https://moneysms.freshdesk.com/support/tickets/new) can be blocked or filtered at the integration layer to prevent future ticket creation.
  5. Do not respond to the submitter, as these are automated submissions with no valid customer behind them.

Notes: These tickets do not represent real customer issues. They appear to be automated test or spam submissions routed into the BitGo support queue. No customer follow-up is required. The SF# numbers assigned to these tickets are auto-generated and do not correspond to real Salesforce cases.

Scenario: sms-httpsmoneysmsfreshdeskcomsupportticketsnew-submit-money#jfsa-rca-request

Trigger: A JFSA-regulated client requests a formal Root Cause Analysis document for a specific BitGo service incident (e.g., degraded service, ETH transaction processing issues).

Signals: JFSA, RCA, root cause analysis, degraded service, ETH transactions, incident report, regulatory requirement

Steps:

  1. Verify the requester is a known JFSA-regulated client by confirming their account and Salesforce case number (e.g., SF#00087357, SF#00087539).
  2. Identify the specific incident referenced in the request (e.g., "Degraded service," "Issue processing ETH transactions").
  3. Escalate the RCA request to the appropriate internal engineering or incident-response team, specifying that the client requires the RCA in JFSA format to meet Japanese regulatory obligations.
  4. Coordinate with the compliance team if regulatory-specific language or formatting is required for the RCA deliverable.
  5. Once the RCA document is prepared, deliver it to the client through the established secure communication channel and update the Salesforce case accordingly.

Notes: JFSA format RCA requests are regulatory in nature and should be treated as high-priority. Turnaround expectations may be governed by the client's regulatory deadlines — confirm timeline requirements early in the process.

Related

  • none identified