Individuals worldwide are being focused by a large spam wave originating from unsecured Zendesk assist programs, with victims reporting receiving a whole lot of emails with unusual and typically alarming topic traces.
The wave of spam messages began on January 18th, with individuals reporting on social media that they obtained a whole lot of emails.
Whereas the messages don’t seem to include malicious hyperlinks or apparent phishing makes an attempt, the sheer quantity and chaotic nature of the emails have made them extremely complicated and doubtlessly alarming for recipients.
The emails are being generated by assist platforms run by firms that use Zendesk for customer support.
Attackers are abusing Zendesk’s skill to permit unverified customers to submit assist tickets, which then mechanically generate affirmation emails despatched to the e-mail deal with the attacker entered.
As a result of Zendesk sends automated replies confirming {that a} ticket was obtained, the attackers are in a position to flip these programs right into a mass-spamming platform by interating by way of massive lists of e mail addresses when creating faux assist tickets.
Firms whose Zendesk situations had been seen impacted embrace: Discord, Tinder, Riot Video games, Dropbox, CD Projekt (2k.com), Maya Cellular, NordVPN, Tennessee Division of Labor, Tennessee Division of Income, Lightspeed, CTL, Kahoot, Headspace, and Lime.
Supply: BleepingComputer
The emails have weird topics, with some pretending to be law-enforcement requests or company takedowns, whereas others supply free Discord Nitro or say “Assist Me!” Many are additionally written in Unicode fonts to daring or embellish the fonts in a number of languages.
Examples embrace:
- FREE DISCORD NITRO!!
- TAKE DOWN ORDER NOW FROM CD Projekt
- LEGAL NOTICE FROM ISRAEL FOR koei Tecmo
- TAKE DOWN NOW ORDER FROM Israel FOR Sq. Enix
- DONATION FOR State Of Tennessee CONFIRMED
- LEGAL NOTICE FROM State Of Louisiana FOR Digital
- 鶊坝鱎煅貃姄捪娂隌籝鎅熆媶鶯暘咭珩愷譌argentine恖
- Re: TAKE DOWN NOW ORDER FROM CHINA FOR Konami Digital Entertainme
- IMPORTANT LAW ENFORCEMENT NOTIFICATION FROM DISCORD FROM Peru
- Thanks in your buy!
- Assist Me!
- Empty titles
As a result of the emails come from professional firms’ Zendesk assist programs, they’re bypassing spam filters, making them extra intrusive and alarming than atypical spam mail. Nonetheless, because the emails do not include phishing hyperlinks, they look like designed to troll recipients somewhat than to have interaction in malicious habits.
A number of firms have confirmed they had been affected by the spam wave, together with DropBox and 2K, who responded to tickets to inform recipients not be involved and to disregard the emails.
“You’ll have not too long ago obtained an automatic response or notification concerning a assist ticket that you simply didn’t submit. We need to make clear why this may need occurred and guarantee you there isn’t a trigger for concern,” wrote 2K.
“To take away obstacles and improve your expertise, our system permits anybody to submit a assist ticket, present suggestions, and report bugs with out having to enroll in a devoted assist account and confirm their e mail deal with. This open coverage implies that anybody can doubtlessly submit a ticket utilizing any e mail deal with.”
“Please relaxation assured that we don’t act on any account or course of delicate requests with out authenticated, direct instruction from the account holder.”
Zendesk instructed BleepingComputer which have launched new security options on their finish to detect and cease such a spam sooner or later.
“We have launched new security options to handle relay spam, together with enhanced monitoring and limits designed to detect uncommon exercise and cease it extra shortly,”
“We need to guarantee everybody that we’re actively taking steps – and repeatedly enhancing – to guard our platform and customers.”
Zendesk beforehand warned prospects about this kind of abuse in a December advisory, explaining that attackers had been utilizing Zendesk to ship mass spam emails by way of what it referred to as “relay spam.”
The corporate says that organizations can stop such a abuse by limiting ticket creation to solely verified customers and eradicating placeholders that permit any e mail addresses or ticket topic for use.
It is funds season! Over 300 CISOs and safety leaders have shared how they’re planning, spending, and prioritizing for the 12 months forward. This report compiles their insights, permitting readers to benchmark methods, establish rising traits, and evaluate their priorities as they head into 2026.
Find out how prime leaders are turning funding into measurable impression.
