Hacker cloned my store.

Mohammad_Imranu
New Member
2 0 0

Hello,

I have an ecommerce shopify store. I created it one year ago. I found my store in another domain. Someone bought a domain last week and 100% cloned my store. He hosted the store in a Virtual private server. He also synced my store with his store. When I add product to my original store then it is automatically add to the fake store. And same for the delete. I submited a DMCA Takedown notice here : https://www.shopify.ca/legal/dmca . Now how can I removed the sync ?

Replies 37 (37)
Dallas
Shopify Staff
Shopify Staff
915 61 189

Hi, Mohammad. 

Dallas here from Shopify Social Care. 

For this issue, I am going to have to send it over to a specific team. I have sent you an email to the email address attached to this forum account. If you could reply back from the account owner email on file that will be great. 

I will list the other things that I need to be sent over in that email as well. Please keep an eye out for it. 

If you don't see it in the next 24 hours please check your Spam folder.

Best,
Dallas

Dallas | Social Care @ Shopify
 - Was my reply helpful? Click Like to let me know! 
 - Was your question answered? Mark it as an Accepted Solution
 - To learn more visit the Shopify Help Center or the Shopify Blog

Mohammad_Imranu
New Member
2 0 0

Hey Dallas,

I replied from my account owner email 2 days ago, but still I did n't get any solutions.

Thanks Imranul.

 

Dallas
Shopify Staff
Shopify Staff
915 61 189

Hi, Imranul,

I have sent you an email. If you don't see it in your inbox please let me know!

 

Best,

Dallas

Dallas | Social Care @ Shopify
 - Was my reply helpful? Click Like to let me know! 
 - Was your question answered? Mark it as an Accepted Solution
 - To learn more visit the Shopify Help Center or the Shopify Blog

Pitterz
New Member
4 0 0

Help, this happened to me too in the last 30days.

 

I've reported it to their domain registrar and submitted a copyright claim to Shopify but what else do I need to do? Why are they doing this?

 

Thanks

WerkingForce
Tourist
7 0 2

Hey, I was wondering if this is messing up your SEO?

Pitterz
New Member
4 0 0

No it isn't but it's recent and all my existing content was already indexed with canonicals. I'm not interested in the SEO side of things, it's getting this cloned site taken down so it doesn't harm the brand or worse that's the concern.

Pitterz
New Member
4 0 0

Shopify responded to me and said, very bluntly, that they won't do anything because they don't host the domain! 

 

The rogue site is hosted with DigitalOcean, LLC and registrar for the domain is Namecheap so submitted abuse reports with both of these two but heard nothing back yet.

 

The rogue site looks like a mirror.

 

Any other advice or anyone else at Shopify other than their unhelpful legal department that might be able to help with this?

WerkingForce
Tourist
7 0 2

Taking it down would probably be the best idea!

Pitterz
New Member
4 0 0

Taking what down? I'm obviously not going to take my site down and have no control over their site? I've flagged the issue with their registrar, their host, trading standards and still awaiting a response from all those parties. I tried with Shopify but they weren't helpful despite everyone saying Shopify will help you get it taken down, so posted on here to let others know that they won't unless it's hosted with themselves.

Madison09
Excursionist
22 0 4

Hi!

This really sounds stressful! Been through this a lot and I have invested money but ended up other stores are benefitting from it. I came across this UNIQUE app, and it is very cool. It detects other stores that use my brand's images and contents... It automatically sends a notification to me through email and it automatically deletes those photos.

Try it. they have a free trial.

https://apps.shopify.com/unique-anti-theft#reviews

Hope this helps.

Iva1
New Member
2 0 0

I think I have the exact problem. The malicious website has similar name as our brand and is registered in Chinese registrar. Our website appears mirrored on that domain address with the exception of their homepage which opens shady looking lottery in Chinese language. It definitely hurts the SEO of the website as well. It appears in search results close to my website. I have contacted shopify support about this and I hope to get it resolved as soon as possible.

Zoes
Tourist
6 0 1

Hi,

We are experiencing the same problem right now. 

We submitted DMCA with both shopify and their domain registrar as soon as we found out, but they have all come back saying they can't take them down. I've also tried to look for their hosting provider, but it's hiding behind Cloudflare. We've filed DMCA with google as well, but not sure if it will help or not.

Have any one found any solution at the end? It's so frustrating not knowing what can be done to take them down, or how to prevent it in future. 

Thank you

David_Sullivan
Shopify Partner
3 0 4

This recently happened to a shop I work on. Here's what I added to theme.liquid to prevent the theme from working on other domains:

Add this to your theme.liquid inside the <head> tag:

<script>
if (window.location.hostname.replaceAll('.','') !== "wwwexamplecom") { // remove all dots from your domain name here
  if (window.location.hostname == "{{ shop.permanent_domain }}") {
    console.log("{{ shop.permanent_domain }}"); // this prevents redirect if using the permanent_domain
  } else {
    window.location.replace('https://www.exampleshop.com');
  }
};
</script>

I used .replaceAll to remove the . character because the cloned shopify domain was replacing all occurrences of our domain with their domain before the script was being run in the browser. This causes the site to be stuck in a reloading loop if not using the correct domain.

Kimberley_Strip
Tourist
3 0 2

Hi David, 

 

We tried to use your code as the same thing is happening to us, would you mind telling me if the below is correct? 

 

<script> if (window.location.hostname.replaceAll('.','') !== "wwwohelloclothingcom") { // remove all dots from your domain name here if (window.location.hostname == "{{ shop.permanent_domain }}") { console.log("{{ shop.permanent_domain }}"); // this prevents redirect if using the permanent_domain } else { window.location.replace('https://www.ohelloclothing.com'); } }; </script>

David_Sullivan
Shopify Partner
3 0 4

Yes, that looks correct. You might need to test with and without the 'www' in your domain. Add the code to your theme, then visit the offending clone domain and you should see the page continuously reloading.

AoPShop
New Member
3 0 0

David, Thank you for your post. You're super helpful. I put this on my Theme, and it did work, as it blocked the duplicate site from loading. but it also caused my site to go in a loop and didn't load until I removed the script. 

AoPShop
New Member
3 0 0

actually instead of wwwdomaincom I did domaincom instead it seems to work. i'll do some more testing. Overall, excellent suggestion. thank you 

GlasgowMerchant
New Member
1 0 0

Thanks for this, David. Worked perfectly.

 

Someone cloned our entire store - including the checkout. I'm not sure if the checkout was actually functional or not, and I wasn't going to try and see if it was. 

 

Neither the domains registrar (where the scammer's domain was purchased from), Google, or Shopify support could offer a quick fix to the issue.

 

 

DesignerJoe55
Explorer
38 0 15

 


@David_Sullivan wrote:

This recently happened to a shop I work on. Here's what I added to theme.liquid to prevent the theme from working on other domains:

Add this to your theme.liquid inside the <head> tag:

 


@David_Sullivan This is genius! Excellent work! Thank you for putting that together.