{
"$type": "site.standard.document",
"bskyPostRef": {
"cid": "bafyreihe3rvfmbrxs2bkhuzexntyqxu2vypq4h6ar6zhzkjtbpwt2dkohe",
"uri": "at://did:plc:z3a345rn6njmxg2o5lxmj3en/app.bsky.feed.post/3mp5gvthu5rf2"
},
"coverImage": {
"$type": "blob",
"ref": {
"$link": "bafkreibsz6surio3ore5kic4ilmmt6n76qm2pdggisebcdwcjzjeqhnevq"
},
"mimeType": "image/jpeg",
"size": 44204
},
"path": "/news/security/order-tracking-app-shop-abused-to-push-callback-phishing-attacks/",
"publishedAt": "2026-06-25T19:45:48.000Z",
"site": "https://www.bleepingcomputer.com",
"tags": [
"Security",
"Mobile"
],
"textContent": "Threat actors are increasingly abusing Shop, the order-tracking app from Shopify, by adding fake purchase receipts in users' order histories to trick them into providing sensitive data or installing remote access software. [...]",
"title": "Order-tracking app Shop abused to push callback phishing attacks"
}