Hackers are abusing Zendesk to run brand impersonation scams

Security researchers from CloudSEK have discovered cybercriminals using Zendesk to run brand impersonation scams, known as pig butchering scams. Hackers create fake subdomains mimicking legitimate companies to send phishing emails, tricking people into investing in fake platforms. The researchers noted that Zendesk’s vetting system is not thorough enough, allowing attackers to target individuals with phishing attempts disguised as legitimate ticket assignments. CloudSEK has informed Zendesk of the flaw and is waiting for a response.

Full Article