Cybercriminals Exploit Zendesk Feature in Massive Spam Campaign

Cybercriminals are exploiting a standard feature of Zendesk to carry out a massive spam campaign. Attackers are sending thousands of emails that appear to be authentic notifications from well-known companies. The exact purpose of this campaign remains undetermined. Most analyzed cases do not contain malicious links. The primary observed impact is the saturation of users' inboxes. Researchers and users have reported this activity, which has been dubbed "legitimate spam" due to the misuse of a legitimate service.