Shop App Abused in Sophisticated Callback Phishing Scams
Threat actors are exploiting the popular order-tracking application, **Shop**, by injecting fake purchase receipts directly into users' order histories. This novel approach to callback phishing aims to trick unsuspecting users into divulging sensitive data or installing remote access software, leveraging the inherent trust users place in the legitimate app.

**Shop**, **Shopify**'s digital shopping assistant, is a widely used platform, particularly in North America, allowing users to track orders, access receipts, and discover products. With over 50 million downloads on **Google Play** and 7 million ratings on **Apple**'s **App Store**, its popularity makes it a prime target for sophisticated social engineering tactics.

### Fake Receipts Impersonate Major Brands

According to research by cybersecurity firm **Gen Digital**, scammers are inserting fraudulent orders into the **Shop** app that appear alongside genuine purchases. These fake receipts impersonate well-known brands such as **Norton**, **McAfee**, **Apple**, and **PayPal**.

Each fraudulent receipt includes a phone number for users to dispute the alleged purchase. However, calling this number connects victims directly to a scammer posing as a support agent.

### The Callback Phishing Playbook

Through various social engineering techniques, these fraudsters attempt to persuade victims to disclose critical information, including account credentials, payment card details, and temporary authentication codes (OTPs). In more severe cases, victims are tricked into installing remote access software, giving attackers direct control over their devices.

**Gen Digital** researchers highlight that this method of inserting fake receipts into the **Shop** app is significantly more effective than traditional email-based fraudulent purchase notifications. The legitimacy of the **Shop** app fosters a higher level of trust, making users more likely to engage with the fake orders.

### Unanswered Questions and User Vigilance

Despite the observed wave of fraudulent invoices, the exact mechanism by which these fake receipts are inserted into the **Shop** app remains unclear. **Gen Digital** noted that while **Shop** can populate orders from various sources (email parsing, account association, order workflows), no specific channel for the fraudulent notifications could be confirmed.

**Gen Digital** has found no evidence suggesting that **Shop**, **Shopify**, or any of the impersonated companies have been compromised. **BleepingComputer** reached out to **Shopify** for comment but has not yet received a response.
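The two traits the fake receipts share, a dispute phone number paired with an impersonated brand, and ingestion through a channel (such as email parsing) that is not the merchant's own order workflow, are exactly what a triage filter on the consuming side can look for. The following is an added example, not code from Gen Digital, Shopify, or the Shop app: it screens a constructed, simplified order-history record shape (`merchant`, `source`, `body`, all assumed for illustration; Shop's real data model is not described in the article) and rates each entry by whether it carries a callback number and whether the sender domain matches the brand on the receipt. The brand list is the one named above; every sample receipt is constructed.

```python
"""
Heuristic triage of order-history entries for callback-phishing traits.

Added example, not the Shop app's or Gen Digital's code. The record shape
(merchant, source, body) and the "email:<domain>" / "store_account" source
tags are assumptions made for this illustration.
"""
import re
from dataclasses import dataclass


@dataclass
class OrderEntry:
    entry_id: str
    merchant: str   # brand name printed on the receipt
    source: str     # hypothetical ingestion tag: "store_account" or "email:<sender-domain>"
    body: str       # receipt text as shown to the user


# Brands the article reports being impersonated in the fake receipts.
IMPERSONATED_BRANDS = {"norton", "mcafee", "apple", "paypal"}

# North American phone-number formats (the region where Shop is most used).
PHONE_RE = re.compile(r"(?:\+?1[\s.-]?)?\(?\d{3}\)?[\s.-]?\d{3}[\s.-]?\d{4}\b")

# Wording that turns a bare number into a call-to-action to phone someone.
CALLBACK_CUES = ("call", "dispute", "cancel", "refund", "did not authorize")


def sender_domain(entry):
    """Return the sender domain for email-derived entries, else None."""
    if entry.source.startswith("email:"):
        return entry.source.split(":", 1)[1].lower()
    return None


def screen_entry(entry):
    """Return (level, reasons); level is 'ok', 'review' or 'high'."""
    reasons = []
    text = entry.body.lower()

    # Trait 1: a phone number next to dispute/cancel wording.
    if PHONE_RE.search(entry.body) and any(cue in text for cue in CALLBACK_CUES):
        reasons.append("callback_number")

    # Trait 2: receipt parsed from email whose sender domain does not carry the brand name.
    domain = sender_domain(entry)
    if domain is not None and entry.merchant.lower() not in domain:
        reasons.append("sender_domain_mismatch")

    # A callback number on an impersonated brand or a mismatched sender is the
    # combination described in the article; rate it high.
    if "callback_number" in reasons and (
        entry.merchant.lower() in IMPERSONATED_BRANDS
        or "sender_domain_mismatch" in reasons
    ):
        return "high", reasons
    if reasons:
        return "review", reasons
    return "ok", reasons


def screen_all(entries):
    """Screen every entry and key the verdicts by entry id."""
    return {e.entry_id: screen_entry(e) for e in entries}


# Constructed sample entries (not real receipts or real phone numbers).
SAMPLE_ENTRIES = [
    OrderEntry("ord-1", "Acme Boots", "store_account",
               "Order #4471 shipped. Track your package in the app."),
    OrderEntry("ord-2", "Norton", "email:billing-notice.example",
               "Your Norton 360 renewal of $349.99 was charged. "
               "To dispute this charge call (800) 555-0123 within 24 hours."),
    OrderEntry("ord-3", "Apple", "email:apple.com",
               "Receipt for your App Store purchase. Total: $4.99."),
]

if __name__ == "__main__":
    for entry_id, (level, reasons) in screen_all(SAMPLE_ENTRIES).items():
        print(entry_id, level, reasons)
```

The point of the sender-domain check is that a genuine brand receipt parsed from the brand's own mail passes, while a receipt that merely names the brand but arrives from elsewhere is held for review; the callback number alone is only a "review" signal, because legitimate receipts do sometimes list support lines. The rule is deliberately conservative: it surfaces entries for a human decision and does not act on them.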

### Recommendations for Users

Until further clarity emerges, users who encounter receipts for unfamiliar orders within the **Shop** app are strongly advised against calling any listed phone numbers. Instead, verify any suspicious charges directly with your bank or card issuer.

For those who have already contacted the scammers and disclosed sensitive information, it is crucial to immediately reset all affected account passwords and contact your bank or card issuer to report the fraud and initiate card cancellation.