Back Issues This Week → Calendar → Current Issue → Popular →

All issuesVolume 335, Issue 3IT Vendor NewsTrend Micro

Spam Campaign Abuses Atlassian Jira, Targets Government And Corporate Entities

Trend Micro, Tuesday, February 17th, 2026

We uncover how a campaign used Atlassian Jira Cloud to launch automated and targeted spam campaigns, exploiting trusted SaaS workflows to bypass security controls.

Key takeaways:

Attackers abused Atlassian Cloud's trusted domain for a spate of spam campaigns. The campaigns tried to leverage the domain name and reputation of this legitimate and well-known SaaS platform.

Emails were tailored to target specific language groups, targeting English, French, German, Italian, Portuguese, and Russian speakers - including highly skilled Russian professionals living abroad.

These campaigns not only distributed generic spam, but also specifically targeted sectors such as government and corporate entities.

Keitaro Traffic Distribution System (TDS) powered redirects, channeling targets to dubious investment schemes and online casinos, indicating that financial gain was likely the primary motive behind these campaigns.

Organizations using Atlassian Jira were prime targets, especially those with high email volume and have a heavy reliance on collaboration tools, environments where Jira notifications are routinely trusted.

Enterprises should deploy advanced email security solutions such as TrendAI Vision One Email and Collaboration Security, which provide layered detection and identity-aware controls to better detect and block phishing and abuse of trusted SaaS platforms.

more →  ·  More from Trend Micro →