Spammers are exploiting Zendesk's email reply functionality to flood inboxes with legitimate-looking support ticket notifications by submitting tickets from arbitrary email addresses, causing recipients to receive unwanted replies they cannot easily filter since the emails originate from genuine Zendesk infrastructure. The issue stems from Zendesk accepting any email address as a ticket source and automatically replying to it, a problem the company has been aware of since at least last year, leaving administrators and their users vulnerable to high-volume spam campaigns that bypass standard email filters.
Spammers abuse Zendesk to flood inboxes with legitimate-looking emails, but why? Malwarebytes
Comments URL: https://news.ycombinator.com/item?id=46685768 Points: 10 # Comments: 6