Secure My WooCommerce Store

⚠️ Fake WooCommerce Security Patch Phishing Campaign: Protect Your Site

Cybersecurity researchers have identified a sophisticated phishing campaign targeting WooCommerce users. Attackers are sending fake security alerts urging users to download a "critical patch," which, in reality, installs a backdoor on their WordPress sites. This campaign is reminiscent of a similar attack observed in December 2023, suggesting the involvement of the same threat actors or imitators.

How the Attack Works

Victims receive emails claiming their WooCommerce sites are vulnerable to a non-existent "Unauthenticated Administrative Access" issue. The emails prompt users to download a patch from a spoofed WooCommerce Marketplace page hosted on a domain like "woocommėrce[.]com" (note the special character in the domain name).

Once the malicious plugin is installed, it performs several actions:

Potential Risks

With full control over compromised sites, attackers can:

How to Protect Your Site

To safeguard your WooCommerce store:

If you suspect your site has been compromised, consult with cybersecurity professionals and consider using security plugins to scan and clean your website.
If you're looking for expert guidance to secure your WooCommerce store or protect your WordPress site from phishing attacks, visit Secure My Store . Our team specializes in WordPress security audits, malware removal, and proactive protection strategies.