Malware scanning is a security feature that scans all file attachments to tickets and blocks any that are flagged as potentially malicious. When an attachment is flagged as malware, agents are prevented from downloading the file unless an admin overrides the malware identification.
About malware scanning
- Help center Submit a request form
- Attachments API
- Support Mobile SDK ticket form
- Web Widget Classic ticket form
- Agent workspace
- Web Widget for Messaging
- Zendesk Mobile SDK for Messaging
- All files attached by agents via the Agent Workspace, regardless of the channel of communication with end users
Whether agents see a notification about a blocked attachment and whether admins can override the malware designation depends on the Zendesk product, the agent interface in use, and the channel from which the attachment originated. Specifically, warning labels are only displayed on potentially malicious attachments if email attachments are enabled for the account and agents are working in Support on desktop.
Linked attachments are scanned, but warning labels aren't displayed. Instead, agents just won't be able to open the link.
Attachments to tickets originating from Messaging, stand-alone Chat subscriptions, and social messaging channels aren't scanned.
Reviewing potential malware attachments
Malicious attachments to tickets and conversations in Support and Zendesk Suite are inaccessible to agents, but admins have the option to download the flagged attachments and decide whether to allow agents to access them or keep them restricted.
- In a ticket, click the download icon () on the potentially malicious attachment and then click Proceed in the confirmation dialog to download the attachment.
- After reviewing the potentially malicious attachment, under the attachment in the ticket click Allow access.
- If you want to re-enable agent restrictions to a potentially malicious attachment, under the attachment in the ticket click Restrict access.