Shein scam: So-called ‘mystery box’ is a phishing tool
Experts warn that Shein shoppers might be targeted by a phishing attack, exposing their private information and banking details to scammers who are mimicking Shein this Christmas.
Shein mystery box – a phishing scam circulating email created by unknown hackers – contains a link to claiming a prize, luring shoppers to supply their personal information.
Using more than 1000 phishing emails impersonating Shein, the malware campaign featured misleading subject lines and links to credential-harvesting sites, cybersecurity researchers identified in reports by Checkpoint.
“Designed to trick recipients into clicking on a link that redirects them to a fake website, this website mimics Shein’s official website, allowing users to enter their personal information to win a prize,” said Marc Porcar, CEO of QR Code Generator.
But Porcar says the fraudulent Shein website copies being promoted on the web are easily spotted by the trained eye. Watch for:
- Variations of domain names that are different from Shein’s official site (shein.com).
- Company addresses, customer service numbers, and employee information can look like a legitimate contact page.
- Low resolutions and watermark-embedded images
- Extreme discounts of more than 50 per cent are unlikely to be real.
- Spelling and grammatical errors.
- Secure checkout protocols: Make sure the page URL starts with “https” and look for a lock icon before filling in payment details.
“When speaking with customer service at Shein, it is important never to share any personal or payment information via phone call, text message, or WhatsApp. Shein only uses email and in-site chat for customer service,” he added.
Comment Manually
You must be logged in to post a comment.
No comments