Spam via Web Widget

11 Kommentare

  • Thomas Verschoren
    Aktionen für Kommentare Permalink

    One quick and dirty work around:

    1. Create an organisation named SPAM
    2. Add all blacklisted domains to the organisation, with a space between each domain.
    3. Create a trigger: IF ticket is created and organization is SPAM: , then close the ticket and add a tag SPAM

    It does not prevent tickets from being created but it hides them from agents + the added tag makes it possible to filter them from Explore reporting.

    -1
  • Peter Hochstrasser
    Aktionen für Kommentare Permalink

    Hi Thomas

    My solution uses the organization spammer, the rest is exactly the same. Thanks for sharing.

    Drawback is that it counts them into the totals, too.

    Yours truly

    Peter

    1
  • Klaus Even Enevoldsen
    Aktionen für Kommentare Permalink

    We get the same SPAM all the time and I don't understand how it can be sent using the web widget as access to our site is protected by username and password.

    0
  • Devan - Community Manager
    Aktionen für Kommentare Permalink

    Hello Klaus,

    So when it comes to spam and protecting yourself from it, I would recommend looking into this article on implementing some of our best practices.

    How can I stop spam attacks? 

    Best regards.

    0
  • Klaus Even Enevoldsen
    Aktionen für Kommentare Permalink

    Hello Devan,

    Thank you. Yes, I did that. The problem though is that the SPAM originates from the Web Widget and not from the contact form.

    Best regards.

    0
  • Jack
    Aktionen für Kommentare Permalink

    Same problem here. The ticket all showing coming Web Widget under Channel. Not from API or Chat widget.

    I can not even duplicate that and adding the qq.com's email domain under blacklist does not help. 

    How are the spammer is doing it through Web Widget? 

    1
  • Trapta
    Aktionen für Kommentare Permalink

    Hi @Jack, take a look at this post: https://support.zendesk.com/hc/en-us/articles/203663286-Using-the-whitelist-and-blacklist-to-control-access-to-Zendesk-Support

    Let us know if this solves the issue.

    Thanks

    -1
  • Tom
    Aktionen für Kommentare Permalink

    Trapta, Devan - Community Manager

    Blacklisting does NOT resolve this issue. qq.com is correctly blacklisted (reject:qq.com) under Settings > Customers and yet spam tickets are still being created.

    Previously these were coming through the Web Widget but now they're coming through "Via Mobile SDK". I want to be super clear here: We do not use the Mobile SDK, have never used it, and have not agreed to your licence agreements for it.

    Besides the obvious spam problems, the secondary problem is noise in the Explore reports. If the domain is blacklisted we can't place them in an organization to filter them out from our overall reports, and even if they are filtered they still count towards our ticket count totals.

    This is a major issue for us.

    2
  • Peter Hochstrasser
    Aktionen für Kommentare Permalink

    Hi @Trapta, @Devan

    As Tom points out, your vision on this seems to be incomplete here: You do not use the e-mail blacklist to verify entries from any other channels. Even if they enter their e-mail address in the Web Widget, the address is not scanned and recognized as from a blacklisted domain. That is one of the problems, as I pointed out in the main entry above.

    P.

     

    1
  • Thomas Verschoren
    Aktionen für Kommentare Permalink

    Hey,

    We see this also with MULTIPLE clients:

    They get spam via widget or mobile SDK but have NEITHER channel enabled.

    @qq.com is one for example, same with other chinese or russian (or seemingly) locales.

    3
  • Peter Hochstrasser
    Aktionen für Kommentare Permalink

    Regarding the solution outlined above: There is one additional, unexpected drawback:

    While Zendesk does not check e-Mail addresses from other channels against their blacklist, they DO check the mail domains assigned to Organizations against their blacklist...

    Result: You cannot blacklist a domain that is assigned to an Organization.

    So, while Zendesk delivers a one-channel-only solution, we (Thomas and myself) have outlined above a working solution which works around Zendesk, for any channel you like.

    Dear Zendesk Development: Please complete your vision:

    • Please make blacklisting work in all channels where the information is applicable, and
    • Please make the error which does not allow to add a domain to the blacklist if it belongs to an organization a warning.

    Thank you for listening and acting.

    P.

    1

Bitte melden Sie sich an, um einen Kommentar zu hinterlassen.

Powered by Zendesk