Shopify infrastructure abuse

calendar Nov 13, 2024  ยท
Share on: linkedin copy

Attackers have been observed using myshopify.com links to bypass domain reputation checks.

Sublime rule (View on GitHub)

 1name: "Shopify infrastructure abuse"
 2description: "Attackers have been observed using myshopify.com links to bypass domain reputation checks."
 3type: "rule"
 4severity: "medium"
 5source: |
 6    false
 7
 8attack_types:
 9  - "Credential Phishing"
10  - "Spam"
11tactics_and_techniques:
12  - "Evasion"
13  - "Free subdomain host"
14  - "Impersonation: Brand"
15  - "Social engineering"
16detection_methods:
17  - "Content analysis"
18  - "Header analysis"
19  - "URL analysis"
20id: "844ff164-d2cb-5e7f-9f51-b2d71078e819"
to-top