28d • Jira
Spam campaign abuses Atlassian Jira - targets government and corporate entities
Details are emerging about a widespread email spam campaign during December 2025 and January 2026 that leveraged the trusted Atlassian domain and used valid email authentication methods to bypass traditional email security filters to deliver emails appearing to be from Jira! The emails had links which would have redirected the user to a recognised email traffic distribution which was configured to redirect them to targets containing various spam/phishing landing pages.
All this was done with Atlassian free sites and automation to send the emails! It's quite impressive and a little worrying! 😟
This article has a handy "indicators of compromise" section if you want to ask your email/Security teams to investigate further.
1
0 comments
Spam campaign abuses Atlassian Jira - targets government and corporate entities
skool.com/atlassian-everything
An exclusive community for Atlassian users to learn, share, and build smarter solutions that make work simple. We talk Jira, Confluence, and more!
Leaderboard (30-day)
1
+10
2
+7
3
+6
4
+4
5
+4
Powered by