How do scammers use the Shop app for phishing?

Attackers insert fake purchase receipts into users’ order histories, containing links to phishing sites or prompts to install malicious software under the guise of 'support'.

What data can be stolen through these attacks?

Scammers may access personal data, payment details, account credentials, or install remote-control software to hijack the victim’s device.

How can users protect themselves from such phishing attacks?

Users should verify order authenticity via official channels, avoid clicking suspicious links, and refrain from installing software from unexpected notifications. Enabling multi-factor authentication and using antivirus solutions is critical.

← All news

Security

Scammers Exploit Shop App for Phishing Attacks via Fake Orders

June 25, 2026

Photo: BleepingComputer

Quick answer

Cybercriminals leverage Shopify’s Shop app for phishing attacks by adding fake order receipts to deceive users into disclosing data or installing remote access software.

Cybercriminals have discovered a new method to deceive users through Shopify’s popular Shop app, designed for order tracking. Victims’ purchase histories display fake receipts mimicking legitimate orders, eroding trust and lowering vigilance.

Fraudulent notifications include links to phishing sites or requests to contact 'support,' which demands the installation of remote-access software like AnyDesk or TeamViewer. Once installed, attackers gain control of the device and may steal sensitive data.

Cybersecurity experts note that such attacks are becoming increasingly common, particularly during high online activity periods, such as sales events. Users are advised to verify orders through official channels and ignore suspicious notifications.

Shopify is taking steps to block these attacks, but scammers continuously refine their methods to bypass protections. Businesses and users must stay informed about threats and adopt modern security measures.

Common questions

How do scammers use the Shop app for phishing?: Attackers insert fake purchase receipts into users’ order histories, containing links to phishing sites or prompts to install malicious software under the guise of 'support'.
What data can be stolen through these attacks?: Scammers may access personal data, payment details, account credentials, or install remote-control software to hijack the victim’s device.
How can users protect themselves from such phishing attacks?: Users should verify order authenticity via official channels, avoid clicking suspicious links, and refrain from installing software from unexpected notifications. Enabling multi-factor authentication and using antivirus solutions is critical.

Dzen feed: /feed/dzen.xml · RSS: /feed.xml