Zendesk Tickets Hijacked in Global Spam Wave

A widespread spam campaign is exploiting vulnerable helpdesk systems, with Zendesk tickets hijacked to send out floods of unwanted emails globally. Victims have reported receiving hundreds of messages through compromised support channels. The emails arrive with strange, sometimes alarming subject lines, raising concerns about potential phishing or malware distribution.

Security researchers say the spam appears to originate from improperly secured Zendesk instances, allowing attackers to misuse their automated ticketing functions. This flood of messages is overwhelming inboxes and could damage the trust users place in customer support platforms.

So far, the attacks have caused significant disruption, but the full scope remains unclear. Zendesk has not issued an official statement. Security experts urge users to monitor their inboxes and avoid clicking on suspicious content.

As the forum of abuse continues to widen, organizations using Zendesk must urgently audit their security settings to prevent more Zendesk tickets hijacked by malicious actors.

Read the full story: https://www.bleepingcomputer.com/news/security/zendesk-ticket-systems-hijacked-in-massive-global-spam-wave/