Abundance of Phishing Emails

Sherwoodmfg · March 13, 2025, 2:57pm

Hi,

The last few days, we have gone from little-to-no phishing emails. All of a sudden, we are getting a couple a day, all from different addresses. I am reporting each email as it comes in (forwarding to safety@shopify.com) but is there anything else I can do to try and stop these?

We didn’t click on any links either.

Thanks!

goldi07 · March 13, 2025, 3:10pm

Hello @Sherwoodmfg

. Steps to Reduce & Prevent Phishing Emails:

Enable Email Security Settings

Since your emails are getting through, make sure your email provider has strong spam filters and that your domain has the right security settings:
. Enable SPF (Sender Policy Framework) – Prevents email spoofing.
. Enable DKIM (DomainKeys Identified Mail) – Ensures emails aren’t tampered with.
. Enable DMARC (Domain-based Message Authentication, Reporting & Conformance) – Helps reject fraudulent emails.
. If you use Google Workspace or Microsoft 365, you can check if these are configured correctly.

Block & Filter Suspicious Senders
. Mark as spam in your email client (Gmail, Outlook, etc.).
. Set up email rules to auto-delete emails containing common phishing keywords (e.g., “urgent payment,” “account suspended”).
Check for Data Leaks
If you suddenly receive more phishing emails, your email address may have been leaked. Check:
. https://haveibeenpwned.com to see if your email was compromised in a breach.

. If found, change passwords & enable 2FA (Two-Factor Authentication).

Strengthen Shopify & Business Email Security
. Enable Two-Factor Authentication (2FA) for Shopify & email accounts.
. Avoid using public email addresses for admin logins.
. If you use Shopify Email, check the blocked domains list in Shopify’s Email Settings.
Shopify-Specific Protections
. Keep forwarding phishing emails to safety@shopify.com .
. Review Shopify admin logs for any unauthorized login attempts.

If phishing emails are increasing, it could mean someone is targeting your store. Consider using an email security service like:
. Google Advanced Protection (for Google Workspace)
. Microsoft Defender for Office 365 (for Outlook)
. Cloudflare Email Security

Thank you

PageFly-Richard · March 16, 2025, 8:47am

Hi,

This is Richard at PageFly - Shopify Advanced Page Builder app.

It’s definitely concerning to see a sudden surge in phishing emails, even if you’re being diligent about reporting them. While reporting is crucial, there are additional steps you can take to minimize the risk and potentially reduce the influx.

Understanding the Phishing Surge:

Targeted Campaign:
- Phishing campaigns often come in waves. It’s possible your business or industry is being specifically targeted.
- Sometimes these campaigns are automated, and they can shift the sending email addresses very quickly.
Data Breaches:
- If your email address or business information was exposed in a recent data breach, it could be contributing to the increase in phishing attempts.
Increased Online Activity:
- During peak online shopping seasons or promotional periods, phishing activity tends to increase

Hoping my solution helps you solve your problem.

Best regards,

Richard | PageFly

Topic		Replies	Views
Opgelet met Spoofing mail Shopify-discussie	1	4	June 12, 2020
Anyone getting these Fraud phishing emails, This is my second! Shopify Discussion billing-plans	2	41	May 27, 2022
How to identify phishing emails on ecommerce platforms? Shopify Discussion	1	1	September 1, 2021
Is this email from Shopify or is it a spam or other? Shopify Discussion troubleshooting	10	146	May 30, 2022
Fraud email received saying my shopify account been suspended Shopify Discussion billing-plans	12	3	June 7, 2021

Abundance of Phishing Emails

Related topics