Scammers Abuse Shopify to Send Fake Invoices and Steal Credentials via Fake Support Calls

Scammers are increasingly exploiting Shopify’s ecosystem and its Shop order-tracking app to deliver fraudulent invoices directly into users’ purchase histories, marking a shift from traditional email-based phishing to in-app social engineering attacks. Security researchers Luis Corrons and Jakub Vavra from…