Okta/auth0 enabled domain spam/flooding/phishing activity

user912390878909876 · May 7, 2025, 2:54pm

Hi!

I’ve recently noticed a smattering of account verification emails from no-reply@auth0user.net for accounts in our security catchall mailbox.

It appears that a malicious third party is attempting to sign up to your services using our domain, hoping that one of our people might accidentally click on the account verification link.

I’ve reported this to customer service yesterday but haven’t heard back, and it appears the actor(s) aren’t being blocked and the activity continues.

I’ve unfortunately had to resort to reporting all auth0 mails as spam and phishing activity.

We’re not an auth0 customer at this time.

remus.ivan · May 7, 2025, 6:30pm

Hi @user912390878909876,

I am sorry about the issue that you are facing.

It is firstly to be specified that no-reply@auth0user.net is the default email address suggested in the From field for Auth0 tenants, such as when using our email templates.

What i would recommend is to report this phishing attempt directly by providing detailed information via email at phishing@auth0.com, which is specifically designated for this type of reports.

Please let me know how this goes.
Thanks,
Remus

Topic		Replies	Views
Is this e-mail spam? Get Help spam	3	4890	February 23, 2022
Hi guys we detected something phishy from auth0.com email domain Get Help request-for-information , subscription-billing	1	918	July 19, 2023
Verification Code email is going to spam with new auth0user.net mailfrom Get Help sessions , authentication-sessions	3	1587	November 2, 2023
Tons of new signups, possibly spam? Get Help login-experience , signup-prompt-new-experience	2	127	October 29, 2024
Can't Verify Email on https://support.auth0.com/ Get Help	20	6051	July 27, 2019

Okta/auth0 enabled domain spam/flooding/phishing activity

Related topics