Discussion
Loading...

Post

Log in
  • About
  • Code of conduct
  • Privacy
  • Users
  • Instances
  • About Bonfire
Esparta :ruby:
Esparta :ruby:
@esparta@ruby.social  ·  activity timestamp 3 weeks ago

This morning I did receive five (5) notification of services created on my behalf using GitHub-related (and #discord) email accounts:

- Canary Mail
- Angel Studios
- Quora
- Branded
- Cardi.Health
- (new since posted)
- Replika
- VSCO
- Medium
- Headspace
- Commuinity.com
- Survive the ARK
- Jimdo
- Dropbox

I'm still not sure if this still an issue with the last #zendesk breach or an ongoing #GitHub one.

2 media
partial screenshot of one of my inbox, with 4 columns: Subject, Correspondents, spam, Date

- Activate account for Quora,
  Quora Support < support@quora.com >
  11:27 AM
- Activate account for Branded
  Branded <support@gobranded.zendesk.com>
  11:27 AM
- Activate account for Cardi.Health
  CardiHealth <hello@cardi.health>
  11:27
partial screenshot of one of my inbox, with 4 columns: Subject, Correspondents, spam, Date - Activate account for Quora, Quora Support < support@quora.com > 11:27 AM - Activate account for Branded Branded <support@gobranded.zendesk.com> 11:27 AM - Activate account for Cardi.Health CardiHealth <hello@cardi.health> 11:27
partial screenshot of one of my inbox, with 4 columns: Subject, Correspondents, spam, Date - Activate account for Quora, Quora Support < support@quora.com > 11:27 AM - Activate account for Branded Branded <support@gobranded.zendesk.com> 11:27 AM - Activate account for Cardi.Health CardiHealth <hello@cardi.health> 11:27
partial screenshot of one of my inbox, with 4 columns: Subject, Correspondents, spam, Date

- Activate account for Canary Mail
  Canary Mail <support@canarymail.zendesk.com>
  11:29 AM
- Activate account for Angel
  Angel <support@angelstudios.zendesk.com>
  11:29 AM
partial screenshot of one of my inbox, with 4 columns: Subject, Correspondents, spam, Date - Activate account for Canary Mail Canary Mail <support@canarymail.zendesk.com> 11:29 AM - Activate account for Angel Angel <support@angelstudios.zendesk.com> 11:29 AM
partial screenshot of one of my inbox, with 4 columns: Subject, Correspondents, spam, Date - Activate account for Canary Mail Canary Mail <support@canarymail.zendesk.com> 11:29 AM - Activate account for Angel Angel <support@angelstudios.zendesk.com> 11:29 AM
  • Copy link
  • Flag this post
  • Block
Dave Copeland :ruby:
Dave Copeland :ruby:
@davetron5000@ruby.social  ·  activity timestamp 3 weeks ago

@esparta I'm on 35 of these and counting

  • Copy link
  • Flag this comment
  • Block
Esparta :ruby:
Esparta :ruby:
@esparta@ruby.social  ·  activity timestamp 3 weeks ago

@davetron5000 all of them today, or accumulated?
I've notice that this is happening with #discord-related email, so it's possible all of them: #github, #zendesk, #discord ?

Do you notice some pattern?

  • Copy link
  • Flag this comment
  • Block
Dave Copeland :ruby:
Dave Copeland :ruby:
@davetron5000@ruby.social  ·  activity timestamp 3 weeks ago

@esparta All today within a few hour period. I've noticed both my gmail address and then my gmail address with random characters after a +. The sites are just all over the place as to what they are.

  • Copy link
  • Flag this comment
  • Block
Esparta :ruby:
Esparta :ruby:
@esparta@ruby.social  ·  activity timestamp 3 weeks ago

@davetron5000 thanks!

you made me look in my old gmail account, and that's correct: a couple of registrations with `$myhandle+$SOME_CHARS@gmail.com`

- Medium
- HeadSpace

the only pattern now still #github + #zendesk

I'm still scratching my head about the why? Do they try to DDoS their registration systems?

  • Copy link
  • Flag this comment
  • Block
Dave Copeland :ruby:
Dave Copeland :ruby:
@davetron5000@ruby.social  ·  activity timestamp 3 weeks ago

@esparta Could be related to this: https://www.bleepingcomputer.com/news/security/zendesk-ticket-systems-hijacked-in-massive-global-spam-wave/

Thought I'm not sure what the endgame would be?

BleepingComputer

Zendesk ticket systems hijacked in massive global spam wave

People worldwide are being targeted by a massive spam wave originating from unsecured Zendesk support systems, with victims reporting receiving hundreds of emails with strange and sometimes alarming subject lines.
  • Copy link
  • Flag this comment
  • Block
Esparta :ruby:
Esparta :ruby:
@esparta@ruby.social  ·  activity timestamp 3 weeks ago

@davetron5000 yeap, that's what I meant in OP, the breach was real and people got SPAM, back in those day I received zero SPAM messages.

This is kind of new, it's a legit registration, no fake domains, all emails for real. A _clean_ automation. It's an annoying situation but inconsequential.

My guessing about endgame: make #zendesk know their bases belongs to whoever hacked them.

My second guess is this a very low scale, and we are not important enough so the media don't pick this issue up

  • Copy link
  • Flag this comment
  • Block

bonfire.cafe

A space for Bonfire maintainers and contributors to communicate

bonfire.cafe: About · Code of conduct · Privacy · Users · Instances
Bonfire social · 1.0.2-alpha.29 no JS en
Federation disabled
Log in
  • Explore
  • About
  • Members
  • Code of Conduct