WARNING: Shopify Users Fraudulent Attacks on Account Holders

Shopify Discussion
, ,

Topic summary

A phishing attack is targeting Shopify account holders through fraudulent emails designed to steal login credentials.

One user reported receiving a deceptive email from info@boutiquemaroc.co.uk that mimicked official Shopify communications. After accidentally entering credentials, they recognized the scam (aided by Chrome’s warnings) and took immediate protective measures:

  • Changed their password
  • Enabled two-factor authentication

The user emphasizes how convincing these phishing attempts are, noting that even IT professionals can fall victim. Screenshots were shared to help others identify similar attacks.

Recommended Action: Forward any suspected phishing emails to Shopify’s official safety team at safety@shopify.com for investigation and tracking.

Summarized with AI on October 26. AI used: claude-sonnet-4-5-20250929.
1

Hi all!

Just wanted to make everyone here, and Shopify team aware that there is a very tricky, and malicious email sender most likely attempting to obtain login information from your shopify accounts to access your store. I had accidently entered my information into this fake shopify sender and immediately realized thanks to Chrome, that they were not shopify at all. I was ashamed I was tricked, working in IT myself, but can happen to anyone. Also shopify team please be aware of the below. @Shopify_77 I also immediately changed my password after, and also enabled two factor authentication on my actual site not this fake one, so hopefully I am going to be ok.

Sender email: info@boutiquemaroc.co.uk

Screenshots attached, they were very tricky.

Best,

Ryan WARNING: Shopify Users Fraudulent Attacks on Account Holders

2

Please forward any phishing messages that you receive to Shopify’s safety inbox at safety@shopify.com.

2 Likes