I’ve seen a few hundred of these emails in the past couple days coming in from multiple different companies.
I’m looking for more info.
at least one said it was zendesk, most did not say any software.
the tickets are being sent with CC addresses that contain large email lists. often others on the CC who don’t know what’s happening will reply “stop emailing me”.
so far I’ve seen this coming in to multiple addresses and none of the sending companies are familiar either.
sounds familiar to anyone? any info on this? it’s there a name i can lookup to find more info? i want to know what services this effects so i can properly protect my stuff and my work stuff.
Why do you think anything is hacked? It’s trivially easy to send an email pretending to be someone else. There’s no validation.
Do they contain valid data or something?
SPF.
Optional, but recommended. But doesn’t guarantee anything unless both sides respect it. Also, IP spoofing is a thing.
Email is a broken protocol. There’s a great copy pasta about why it can’t or won’t be fixed, which I unfortunately can’t find. But it boils down to the fact that you can’t get everyone to agree on, or implement, the fixes necessary to prevent spam.
Use a host that requires it. Done?
this isn’t that