Question
My account received thousands of tickets coming from our Chat widget. How can I stop this spam attack?
Answer
Require authentication for request and uploads API
To combat spam submitted through the API, which is the biggest cause of spam, follow these steps:
In Admin Center, click People in the sidebar, then select Configuration > End users > Anybody can submit tickets > Enabled. Then, the option Require authentication for request and uploads APIs will display. Select this option and click Save tab.
For more information, see this article: Requiring authentication for the requests API endpoint.
If you are being spammed, check the IP address of each request and temporarily disable the offline Chat form.
Check if the spammer is using the same IP address for every request
If the spammer is using the same IP address for every request, you can ban it. Consider banning the country of origin if your company doesn't have real customers contacting you from there. For more information, see the article: Restricting the Chat widget by country or domain.
Temporarily disable the offline chat form (or widget as a whole)
Disabling the offline form altogether or the widget as a whole is the most disruptive to your workflow. However, hiding or disabling your Chat widget for a short time, five to ten minutes, is usually enough to interrupt the attack.
To disable the offline Chat form, follow the instructions in this article: Managing offline form settings.
Under Settings, hide the Chat widget until it is configured to appear by a trigger or the API.
- Select Settings > Widget.
- Click the Settings tab.
- In the Hide Widget section, make sure the Turn off Chat Widget checkbox is not selected.
- If you've unchecked the box, click Save Changes.
Alternatively, if you have the widget embedded in your Help Center, remove the entire integration under Guide Admin > Settings > Integrations. Unselect the Chat option to make the entire integration disappear. For more information, see the article: Enabling Chat for your help center.
For information about cleaning up any spammy tickets that may have resulted, see the article: How can I bulk delete spam tickets in Zendesk?
6 comments
Pedro Reis
Unfortunately, that doesn't solve anything. The widget should have a captcha or two factor of some sort.
We had a spam attack, and even after having enabled "Require authentication for request and uploads APIs.", spam tickets were continuously being created.
By the way, your new "messaging" support channel doesn't work at all. I tried to get help and had no success - unreplied messages and tickets were solved and closed without any intervention.
3
Dane
I apologize for the experience that you have regarding our support.
Just to make sure that you will get the assistance you need, I'll personally create a ticket for you and work on it. Please wait for my update.
Cheers,
Dane
0
Oliver Jackson
How can we prevent spam from being submitted via the Offline Form? Is there honestly no way of doing this? It's virtually useless without this functionality because of the sheer volume of junk which comes in. Consequently our data becomes contaminated by the endless stream of spam messages.
0
Dane
As it turns out, the only option is to turn it off or use JWT Authentication.
0
Søren Reinewald
I am getting a low volume of spam through our web widget. However, I am surprised to see this, as we only use our web widget on a site with password protection.
Is there some way I can see from which URL the web widget was used?
My theory is we have an open test/QA environment somewhere that no one is aware of, and it is not protected by password.
1
Destiny
It's unfortunate to hear that you've been encountering spam through the web widget. To thoroughly trace the source of this issue (specifically, the originating URL), I recommend contacting our Support team. They'll need you to provide examples of the affected tickets for a detailed examination.
You can find the instructions on how to get in touch with Zendesk Support here. Please ensure you log in with your Admin or Agent account to confirm your identity fully.
We appreciate your cooperation and look forward to your response to resolve this matter effectively.
0