Today, I received an email from Amazon JP about an order I did not make. I logged in to check and there was no such order. Called customer service, and they found no such order from my account, the order number did not exist on my account, and they sent no such email to my account as well.
The suspicious mail was from, and I copy & paste, “auto-confirm@amazon.co.jp”, which seemed similar to the mail I used to receive from Amazon JP. The content was the same, even the button can be clicked to be sent to the Amazon login page.
Has anyone had this issue before? Or does anyone know what might have happened?
PS: I have been using two-factor, and received no OTP.
7 comments
You might’ve been a victim of brushing.
Any person with some knowledge in server stuff can fake an email domain like [payment@amazon.com](mailto:payment@amazon.com). But most email providers can detect when it’s fake and move it straight into spam/trash folder.
I get fake Amazon messages all the time, you have to be really cautious about clicking the links in those messages. Check the full mail header to see where it was actually sent from, never trust the From address or the apparent links in the message.
It is a well-established scam – your account may be compromised if you logged in following the link.
Whatever you do, do not click links out of these emails or text messages. Spoofing an email account is not impossible. This is not limited to Amazon or Japan. Don’t trust the internet.
Are you sure the sender is Amazon? You could click the name. They can change the name as well to look like an email address. But in reality it is just a name, and if you click the name the real fake email will show.
You can try to [report it to Amazon JP](https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&ved=2ahUKEwjS-ITm7dD6AhUHAN4KHTX1AVkQFnoECCAQAQ&url=https%3A%2F%2Fwww.amazon.co.jp%2F-%2Fen%2Fgp%2Fhelp%2Fcustomer%2Fdisplay.html%3FnodeId%3DGRGRY7AQ3LMPXVCV&usg=AOvVaw2GplbbZl61hCAMaRTfPm7U).
And forward the email to them ([stop-spoofing@amazon.com](mailto:stop-spoofing@amazon.com)) with full headers.
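What the comments above mean by checking the full header and the real address behind the sender name, as an added example that is not part of any post in the thread: the function name `check_headers`, the warning codes, and the three sample messages (with `example.*` placeholder domains) are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

def _domain(addr):
    return addr.rpartition("@")[2].lower()

def check_headers(raw, expected_domain):
    """Return a list of warning codes for one raw message (headers + body)."""
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    findings = []
    # Display name written to look like an address, hiding the real one.
    if "@" in name and name.strip().lower() != addr.lower():
        findings.append("display-name-mismatch")
    d = _domain(addr)
    if d != expected_domain and not d.endswith("." + expected_domain):
        findings.append("from-domain:" + d)
    # Assumption: the topmost Authentication-Results header is the one your
    # own mail provider added; lower copies may have been supplied by the sender.
    auth = msg.get("Authentication-Results", "").lower()
    verdicts = dict(re.findall(r"\b(spf|dkim|dmarc)=(\w+)", auth))
    for mech in ("spf", "dkim", "dmarc"):
        if verdicts.get(mech) != "pass":
            findings.append(f"{mech}={verdicts.get(mech, 'missing')}")
    return findings

# Constructed samples, not real mail.
DISPLAY_NAME_SPOOF = (  # authenticates fine, but for the sender's own domain
    "Authentication-Results: mx.example.org; spf=pass smtp.mailfrom=mailer.example.net;"
    " dkim=pass header.d=mailer.example.net; dmarc=pass header.from=mailer.example.net\n"
    'From: "auto-confirm@amazon.co.jp" <orders@mailer.example.net>\n'
    "Subject: Your order\n\nbody\n"
)
EXACT_DOMAIN_SPOOF = (  # From address is forged, so authentication fails
    "Authentication-Results: mx.example.org; spf=softfail smtp.mailfrom=amazon.co.jp;"
    " dkim=none; dmarc=fail header.from=amazon.co.jp\n"
    "From: Amazon.co.jp <auto-confirm@amazon.co.jp>\n"
    "Subject: Your order\n\nbody\n"
)
AUTHENTICATED = (
    "Authentication-Results: mx.example.org; spf=pass smtp.mailfrom=amazon.co.jp;"
    " dkim=pass header.d=amazon.co.jp; dmarc=pass header.from=amazon.co.jp\n"
    "From: Amazon.co.jp <auto-confirm@amazon.co.jp>\n"
    "Subject: Your order\n\nbody\n"
)

if __name__ == "__main__":
    for label, raw in [("display-name", DISPLAY_NAME_SPOOF),
                       ("exact-domain", EXACT_DOMAIN_SPOOF),
                       ("authenticated", AUTHENTICATED)]:
        print(label, check_headers(raw, "amazon.co.jp"))
```

An empty result only means the headers are consistent with the expected domain; the first sample shows why passing SPF, DKIM and DMARC alone says nothing when the real From domain is not the one you expected.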