Cyber: Zendesk Spam Wave Returns, Floods Users With 'activate Account' Emails

A fresh wave of spam is hitting inboxes worldwide, with users reporting that they are once again being bombarded by automated emails generated through companies' unsecured Zendesk support systems.

Some recipients say they are receiving hundreds of messages with strange or alarming subject lines.

Since yesterday, numerous social media users say they have begun receiving large bursts of emails with subject lines such as "Activate your account" and similar support-style notifications appearing to originate from different companies.

Recipients say the messages arrive in rapid succession and look like legitimate automated replies from customer support portals, despite never signing up or submitting a ticket.

"Anyone else getting a slew of failed account & support sign-up emails?" posted security researcher Jonathan Leitschuh on LinkedIn.

"Someone is DDoSing Zendesk support ticketing systems and other account creation processes across the internet with my email right now. Anyone know what the attacker is hoping to achieve here?"

Several users took to social media [1, 2, 3] to report their inboxes overflowing with similar messages:

Similar to the previous incident, the emails appear to be sent from real companies' Zendesk instances, allowing them to bypass spam filters and land directly in inboxes.

The activity strongly suggests attackers are once again abusing Zendesk ticket submission forms to trigger confirmation emails to large lists of addresses.

In January, a massive global spam wave was traced to attackers abusing Zendesk's ability to let unverified users submit support tickets.

Source: BleepingComputer