CloudSEK researchers discovered a vulnerability in Zendesk's platform that allows cybercriminals to exploit subdomain registration for phishing and investment scams. Attackers can create fake subdomains mimicking legitimate brands, leveraging Zendesk's professional appearance and email features to send phishing emails that lure victims into sharing sensitive data or funds. A demo attack revealed how cybercriminals registered convincing subdomains, sent malicious links, and redirected users to fake platforms for fraud. The research also highlights a flaw in Zendesk’s email validation process, enabling attackers to disguise phishing attempts as legitimate ticket assignments that land in users’ primary inboxes. CloudSEK has disclosed the vulnerability to Zendesk, urging them to address the security risks promptly. Continue here.
