A global spam campaign is abusing misconfigured Zendesk support systems to send unsolicited emails that appear to come from trusted companies.

Continue reading
A widespread spam campaign is currently exploiting customer support systems built on Zendesk, flooding inboxes worldwide with unsolicited emails that appear to come from legitimate companies.
The abuse relies on a common configuration choice: many Zendesk-powered help desks allow anyone to submit a support ticket without verifying the email address first. When a ticket is submitted, Zendesk automatically sends a confirmation email to the address provided.
Attackers are taking advantage of this by:
The result is a global wave of spam delivered through trusted infrastructure.
Because the messages originate from real Zendesk servers and reference well-known brands, they often pass standard email security checks. To recipients, the emails look legitimate even though they were never requested.
Reported subject lines and content include:
There is currently no evidence that the emails contain malware or active phishing links, but the volume and credibility make them disruptive and confusing.
Support systems tied to many recognizable organizations have been abused, including:
Several affected companies have confirmed the issue publicly and advised recipients to ignore the messages.
Zendesk has acknowledged the abuse and says it has deployed additional safeguards to reduce automated ticket spam and limit misuse of its platform. The company is also encouraging customers to review their help desk configurations.
Recommended mitigations include:
This incident highlights how legitimate SaaS platforms can be repurposed as spam delivery systems when basic verification controls are left open. While the emails themselves may be harmless, the scale and credibility of the messages make the abuse particularly effective and difficult to block.

148 malicious npm packages masquerading as student proxy and school Wi-Fi bypass tools. Rather than compromising developers during installation