A fresh wave of spam is once again flooding inboxes worldwide, with users reporting hundreds of automated emails generated through unsecured customer support portals powered by Zendesk.
Since yesterday, many users say they have received rapid bursts of emails with subject lines like “Activate your account” and other support-style notifications. The messages appear to come from legitimate companies, even though recipients never created an account or submitted a support ticket.
Security researcher Jonathan Leitschuh highlighted the issue on social media, saying his inbox was overwhelmed with failed account and support sign-up emails. He suggested attackers may be deliberately flooding Zendesk ticket systems, effectively using them as a way to spam large numbers of email addresses at once.
Multiple users across social platforms reported similar experiences, sharing screenshots of inboxes overflowing with identical messages. The emails closely resemble real automated replies from company help desks, which allows them to bypass spam filters and land directly in inboxes.
The activity strongly suggests that attackers are abusing Zendesk ticket submission forms, which automatically send confirmation emails to any address entered. By submitting tickets in bulk with random or targeted email addresses, attackers can turn exposed support portals into large-scale spam relays.
If this article helped you, please consider supporting our work. Every small contribution keeps Abijita.com independent and running.
