Attackers are abusing unsecured Zendesk support ticket forms to flood inboxes worldwide with automated “Activate your account” and support-style emails that bypass spam filters. The surge mirrors a January relay-spam campaign that hit companies including Dropbox and 2K, raising concerns that recent Zendesk safeguards may not fully stop this abuse. #Zendesk #RelaySpam
Keypoints
- Automated emails with subjects like “Activate your account” are being sent en masse via exposed Zendesk instances.
- Messages look like legitimate support confirmations and can bypass spam filtering.
- Recipients report receiving hundreds of rapid, unsolicited messages without creating accounts.
- The activity resembles a January relay-spam campaign that affected companies including Dropbox and 2K.
- Zendesk introduced safety features earlier, but the renewed abuse suggests those measures may not be fully effective.