Shopping
How hackers are stealing user details by faking China’s biggest online shopping platform Shein – Times of India
Shein is one of the most popular shopping apps in the world with reportedly the second most downloaded shopping app globally, with over 251 million downloads. This popularity has given hackers an opportunity to steal user data by offering fake discounts from China’s biggest online shopping website, a report has indicated.
According to Check Point, researchers from Harmony Email have said that hackers are impersonating Shein in an effort to steal user credentials, and over the last month, they have identified more than 1,000 of these fraudulent emails.
What method hackers use to scam people
Hackers send an email with a tempting subject line: “Order Verification SHEIN” – claiming to be from Shein customer service. However, the sender’s email address doesn’t match Shein’s official one.
The email announces that the user has received a mystery box from Shein and asks users to click the provided link to claim a surprise gift. However, the link leads to a fake website designed to steal personal information.
Just like other phishing attempts, scammers are trying to capitalise on popular brands and current trends to trick users – this time, they’re using Shein.
How to spot fake emails
There are several red flags that users can notice when they receive such emails. Any email that shows a strong sense of urgency surrounding the “mystery box” offer and provides a link to claim the prize is likely a scam.
A closer look at the email address may suggest users of a fake ID which has been created to fool people into clicking a link that takes them to a credential harvesting website.
What users can do
According to Check Point, researchers from Harmony Email have said that hackers are impersonating Shein in an effort to steal user credentials, and over the last month, they have identified more than 1,000 of these fraudulent emails.
What method hackers use to scam people
Hackers send an email with a tempting subject line: “Order Verification SHEIN” – claiming to be from Shein customer service. However, the sender’s email address doesn’t match Shein’s official one.
The email announces that the user has received a mystery box from Shein and asks users to click the provided link to claim a surprise gift. However, the link leads to a fake website designed to steal personal information.
Just like other phishing attempts, scammers are trying to capitalise on popular brands and current trends to trick users – this time, they’re using Shein.
How to spot fake emails
There are several red flags that users can notice when they receive such emails. Any email that shows a strong sense of urgency surrounding the “mystery box” offer and provides a link to claim the prize is likely a scam.
A closer look at the email address may suggest users of a fake ID which has been created to fool people into clicking a link that takes them to a credential harvesting website.
What users can do
- Do not click on links from websites whose address isn’t the official one and check the email’s source.
- Check the address of the website and the sender’s name for spelling and punctuation errors on websites that look real.
- Ensure the email is free of spelling errors. Pay attention to the language in the email. Question yourself whether you are expecting a package from Shein.
Continue Reading