We had a user in the last 24 hours send a series of 'test_test' titled tickets via the email channel, with similar junk data in the body of the ticket. The user was inside our organization, but unrelated to our Zendesk, so I've reached out to find out why.
While this is easy to do internally, if this had been a compromised internal email looking for an exploit, this would be more time sensitive than I initially thought. Zendesk has some system features to prevent some activity, but are there best practices related to user behavior that seems suspicious, or that an admin should be suspicious about?