- CloudSEK Security Researchers Observed Hackers Running Pig Slaughter Scams
- They pose as legitimate companies through Zendesk services.
- Researchers said Zendesk’s research system is not comprehensive enough
A new report from cybersecurity researchers CloudSEK has found that cybercriminals are abusing Zendesk to run spoofing scams, and hackers are abusing simple Zendesk features to engage in “pig butcher” scams and deceive businesses. people to take their money.
Zendesk is a customer service and engagement platform that helps businesses manage customer interactions across multiple communication channels.
The platform allows users to register free trial accounts which in turn grants the ability to create subdomains, which unfortunately allows criminals to abuse it on a large scale.
pig slaughter
First, they would create a fake subdomain, imitating a legitimate company, which would be used to send phishing emails posing as real customer support communication.
Since Zendesk is a legitimate company, emails often bypass spam filters and, disguised with precise branding, land directly in people’s inboxes. The emails apparently contain an image hyperlinked to a phishing page, where the scam continues.
The goal of the scam is to get people to invest in a fake investment platform or support page, a staple of pig slaughter scams. The scheme is designed to last as long as possible, draining money from the victim until they realize they have been defrauded.
The problem, according to CloudSEK, is that Zendesk does not perform extensive email validation when adding users to subdomains. “This monitoring allows attackers to target employees or customers with phishing attempts masquerading as legitimate ticket assignments,” the researchers said.
Zendesk has been informed about the flaw and its potential for misuse, following CloudSEK’s responsible disclosure policy, CloudSEK concluded. We have reached out to the company and will update the article if we hear back.
