A recent uptick in spam may have impacted your account over the past few weeks. This article outlines our recommendation for action that will discourage spammers who might try to target your account.
These tickets may have the web_widget tag, but in observed cases, the tag was actually added by the spammer. If you view the events of the spam ticket (see Viewing all events of a ticket) and look to the very bottom of the page, you’ll see that it was submitted via Web Service. This indicates it was created via API (see How are ticket channels defined across Zendesk?).
The primary goal of spammers is to use your triggers to pass spam content to other users via placeholders. To that end, we recommend removing placeholders from the default Notify requester of received request trigger. If you have customized triggers, you’ll also need to remove any of the placeholders that pass the comment or title content of the ticket to the end-user upon ticket creation.
Step 1: Remove placeholders that spammers target
In this example, we're updating Notify requester of received request.
- Under Meet ALL of the following conditions, add the condition Current User > is > (end-user)
- Under Actions, refer to the Email subject and Email body fields. Remove these two placeholders
Removing these placeholders renders your trigger useless to spammers, since it will no longer share their spam content with recipients. This will not immediately stop the flow of spam tickets, but will prevent spammers from reaching end-users, and you should eventually stop seeing spam come in.
Step 2: Create a new trigger for agent-created tickets
In step 1, we removed the placeholders that give your users context about tickets created on their behalf. If your agents create tickets on behalf of end-users (for example, sending out proactive emails), you'll need to create a new trigger that notifies users of the content of those tickets (but doesn't allow spammers to do the same).
In this example, we create a new trigger that we'll call Notify requester of new proactive ticket:
- Under Meet ALL of the following conditions, add the following conditions:
- Ticket > is > Created
- Privacy > is > Ticket has public comments
- Current user > is > (Agent)
2. Under Actions, select the following actions:
- Email user > (requester and CCs)
- Email Subject:
- Email Body:
This ticket was created on your behalf.
To add additional comments, please reply to this email.
Making these recommended changes will not immediately prevent spammers from targeting your account, but it will stop spam from being passed through your notifications. Once these changes are made, the spam should stop in a few days.
For more information on spam prevention on other channels, please see Spam prevention resources.