Is this email from risk-management@shopify.com legitimate?

Topic summary

Legitimacy of emails from risk-management@shopify.com: Confirmed by a Shopify staff member (Trust & Safety). These notices are triggered when systems detect potentially unauthorized branded/trademarked items and include an attestation form to complete by the stated deadline.

Required actions and timelines:

  • Fill out the attestation form (options include removing items, proving authorization, or indicating “I sell used authentic products”).
  • Reply to the email for clarification; Trust & Safety (T&S) may take 2–3 business days to respond.
  • Failure to comply may lead to account closure to prevent further sales.

Platform vs. Shopify Payments:

  • Platform may allow sale of trademarked items if compliant with Acceptable Use and not illegally obtained; however, Shopify Payments can restrict “high-risk” items (luxury/brand-name) due to chargeback/fraud risk.
  • Alternatives like PayPal, Stripe, or Authorize.net can be used if Shopify Payments is unavailable.

Outcomes reported:

  • Some merchants removed borderline items and continued without payment holds.
  • Others replied; some were told no further action was required.

Concerns and suggestions:

  • An InfoSec professional flagged the email format as spear-phishing-like and urged Shopify to place notices in Admin and send linkless alerts.

Status: Active/ongoing; merchants should complete the attestation and seek legal advice if needed.

Summarized with AI on December 21. AI used: gpt-5.

@HotHeadstalls I received this email this morning as well. I panicked and submitted the attestation a few times. I’m just wondering, how did yours go?