最近几天网友连续收到疑似shopify官方的邮件通知,称她的Shopi

版权声明:转载需要声明来源。 https://www.waimaojishu.com/article/details/2

  • 2019-09-11 12:07:33
  • 668

        最近几天有网友称连续收到疑似shopify官方的邮件通知,称她的Shopify账户存在问题,需要通过下载邮件附件查看验证账户的具体流程。 

        第一封邮件有些低级,不过应该也能骗到一些人,发件人为Support Team (Shopify),第二封邮件相对就有一些高级了,应该会骗到很多人,发件人地址为 Shopify 。我们常说眼见为实,但是你眼睛看到的,未必是真的,要知道,发件人的地址是可以进行伪装的,你看到的发件人信息,不一定是真的。

不过一般人也不会无聊的去通过邮件的原始信息查看真实的发件人信息。真正判断出来这是一封诈骗邮件的,是邮件内容中一些不正常的要求。 

Dear Customer, 

        We need your help resolving an issue with your shopify account. 

Until you help us resolve this issue, we've temporarily limited what you can do with your account. What's going on?

We face a problem in the ratification of the real owner of the account .

We now need you to re-confirm your account information to us.

 If this is not completed by 08-11-2017, we will be forced to suspend your account indefinitely. 

What to do next : We have sent you an attachment which contains all the necessary steps in order to restore your account access. 

Download and open it in your browser. 

After we have gathered the necessary information, you will regain full access to your account. 

1) Download The document and open it in a browser window secure. 

2. Confirm that you are the account holder and follow the instructions It's usually quite straight forward to take care of these things. 

Most of the time, we just need some more information about your account or latest transactions. 

To help us with this and to see what you can and can't do with your account until the issue is resolved, log in to your account and go to the Resolution Center. Thanks, 

The Shopify Security Team, 

虽然我没有看到邮件的附件,但是大概能够想到,邮件附件大概就是提供了一个操作流程,然后里面有一个链接地址,要求你打开链接之后,输入Shopify账号密码,登录,完成所谓的账户所有权认证。

而问题就在你打开的那个链接是伪装成Shopify网站的一个钓鱼页面。 

后经过与Shopify官方核实,他们确实没有发送过相关邮件,确认此邮件为钓鱼邮件。 

那么遇到类似问题如何处理呢?

 1 查看发件人信息是否真实

 2 只要是涉及到要求你提供你的账号密码的,要谨慎操作,操作之前要首先联系客服核实 

3 开启shopify账户登录的二次验证 

4 最最重要的,是提高防火防盗的意识。