There may be times when tickets are flagged to bring attention to a potential risk. For example, depending on your account setup, tickets might be flagged when an unknown user adds a comment or the ticket is submitted by a user who isn't signed in.
When a ticket is flagged, it means that a flag appears as a warning icon beside a comment in the ticket. The ticket is not flagged in any ticket views, but you can hover over the warning flag for more information.
Your workflow isn’t affected when tickets are flagged, but there are certain actions you can take to handle flagged tickets. Read this article to understand when tickets are flagged and the options available to handle them.
Understanding when tickets are flagged
Tickets may be flagged when a customer submits a ticket without signing in or when an unknown user, who was not added to the ticket as a CC, updates an existing ticket.
-
Flagged tickets from
registered users who are not signed in
With an open Zendesk Support instance, you can allow customers to submit tickets without registering for an account or signing in to an existing account. This lets your customers get help quickly without taking extra time to register or sign in.
However, if a customer submits a ticket without signing in, it will be flagged. This is done because the user supplies an email address when they submit the ticket, and it is relatively easy for a user to pretend to be someone else by using an email address they don't own. There's an inherent risk that comes with allowing ticket submission by users who are not signed in, and it can be an opportunity for social engineering.
-
Flagged tickets from
unknown users who are not explicitly added to the ticket
Tickets are also flagged if an unknown user, who was not added to the ticket by the requester or an agent as a CC, updates an existing ticket. The unknown user’s comment is flagged and added to the comment stream as a private note. Most likely, the email was forwarded by the requester to an unknown user or to an unverified email account (such as a secondary email address) and then replied to.
Handling flagged tickets
Consider the following options when handling a flagged ticket.
- If you're comfortable with the comment, ignore the warning flag and handle the ticket as you normally would. You cannot remove the flag.
- If you're not comfortable with the comment, you can raise a concern with your
manager or consider temporarily suspending the user.
Depending on the nature of the comment, you might want to raise a concern about the ticket with your manager. Also, you can consider temporarily suspending the user, to prevent them from submitting more tickets, until you can investigate and feel comfortable enough to reinstate the user. (See Suspending a user).
- To allow the new user to comment publicly on the ticket, an agent, the requester, or a CC on the ticket must add the user as a CC. The Make email comments from CCed end users public (not recommended) option must also be enabled. See Changing the default comment privacy for end user CCs for why we don't recommend enabling this option.