Hi
So I use a specific email address for Plex and Plex alone. Today I received a spam email from an Amazon seller sent specifically to this address.
Has there been a leak recently that I missed?
Exactly the same here, unique email address for Plex, got spammed by Amazon. 
I have two Plex accounts and both have received, earlier today, crap email from Amazon.
I also have two Amazon accounts BUT neither Amazon account uses the same address as either of my Plex accounts.
The address sending the crap is R31P_no_reply@amazon.com and it says it was sent via Amazon with a subject of:
Amazon wants you to see this item at Amazon.com
I will make sure I never deal with that seller as I detest unsolicited email sending me crap and I want Plex to make sure that they do not share my email with the spammers any more.
I KNOW that Plex is at fault as one on the involved emails is used only for a secondary Plex account.
Plex REALLY needs to tighten up their security or look closer at the bastards they share with.
I’ve just double checked, and actually it’s an old email address that I used until the 2015 data leak. I reckon it’s related to that, and not a recent one.
“Plex: In July 2015, the discussion forum for Plex media centre was hacked and over 327k accounts exposed. The IP.Board forum included IP addresses and passwords stored as salted hashes using a weak implementation enabling many to be rapidly cracked.”
Compromised data: Email addresses, IP addresses, Passwords, Usernames
As soon as this happened, I changed email address, username and password.
The Amazon spam was sent to the old, now unused, email address.
They can claim what they want, falsifying the FROM: part in an email is child’s play.
You should bring the article and the merchant to the attention of Amazon customer support.
They might want to know if one of their partners is using harvested emails to spam Amazon customers.
Of course I have done that, I am NOT stupid, but the only place anyone could have gotten one of the involved emails is from Plex. The other “might” have been from the old data breach but one did not even exist in 2015.
Please send me the email address per PM or write to the Plex Pass support staff.
Otto, the headers contained DKIM, ARC and SPF passes and made it through Gmail anti spam. Whilst it originated from Amazon, I don’t think it was actually Amazon themselves, but rather a marketplace reseller using the name “Amazon”.
I’ll DM the headers to you.
I received one of these today too, headers confirmed it came from an Amazon mail server. I had no reason to assume it was related to Plex however as I use the mail account elsewhere aside from Plex.
I believe this person is using Amazon’s product share feature, where you specify someone’s email address on the Amazon site to send them a link to a product through the site. I’d guess the sender receives an affiliate fee for any purchases through the link.
This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.
