Zendesk
January 18, 2026
•[ spam campaign, email abuse, unsolicited messaging ]
A large-scale spam campaign abused Zendesks support-ticket functionality, where unverified users can submit tickets that trigger automatic confirmation emails to the address provided. Beginning around January 18, 2026, recipients worldwide reported receiving hundreds of emails with unusual or alarming subject lines, generating confusion and disruption. The reports indicated that attackers were leveraging support platforms run by companies that use Zendesk for customer service; the immediate impact was mass unsolicited messaging rather than confirmed data theft.
