Phishing Protection
Phishing protection scans the internet for fake websites that impersonate your store to steal from your customers.
What is Phishing?
Phishing websites:
- Look like your store - Same logo, design, products
- Trick your customers - They think it's really you
- Steal payment info - Credit cards, personal data
- Damage your reputation - Customers blame you
Example: Your store is mybrand.com. A scammer creates my-brand.com or mybrand-shop.com with your exact design to steal from customers who don't notice the difference.
How We Detect Phishing
Domain Variation Scanning
We generate variations of your domain:
- Typos: mybrand.com → mybrad.com
- Additions: mybrand-store.com, officialmybrand.com
- Different TLDs: mybrand.net, mybrand.shop
- Homoglyphs: mybrand.com → mybrаnd.com (Cyrillic 'a')
Then we check if these domains:
- Actually exist (DNS lookup)
- Have websites hosted on them
- Are copying your content
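A sketch of the variation-generation step listed above, added here as an illustration and not Store Shield's own code. The affix list, TLD list and homoglyph map are small assumed samples; homoglyph candidates are returned in their punycode (xn--) form, which is how they appear in DNS queries and registrar records.

```python
# Added illustration: generates lookalike candidates for a brand domain so a
# defender can check which ones are registered. All word lists are assumptions.
HOMOGLYPHS = {"a": "\u0430", "e": "\u0435", "o": "\u043e",
              "c": "\u0441", "p": "\u0440"}      # Latin -> Cyrillic lookalike
AFFIXES = ["store", "shop", "official"]          # assumed sample words
TLDS = ["com", "net", "shop"]                    # assumed sample TLDs


def to_ascii(domain):
    """Return the punycode (xn--) form that actually appears in DNS and logs."""
    return domain.encode("idna").decode("ascii")


def variations(domain):
    """Map each candidate domain to the technique that produced it."""
    name, tld = domain.rsplit(".", 1)
    out = {}
    for i in range(len(name)):
        # Typos: drop one character, or swap two adjacent characters
        if len(name) > 1:
            out.setdefault(name[:i] + name[i + 1:] + "." + tld, "typo-omission")
        if i + 1 < len(name) and name[i] != name[i + 1]:
            swapped = name[:i] + name[i + 1] + name[i] + name[i + 2:]
            out.setdefault(swapped + "." + tld, "typo-transposition")
        # Homoglyphs: replace one Latin letter with its Cyrillic lookalike
        if name[i] in HOMOGLYPHS:
            glyph = name[:i] + HOMOGLYPHS[name[i]] + name[i + 1:]
            out.setdefault(to_ascii(glyph + "." + tld), "homoglyph")
    for word in AFFIXES:
        # Additions: brand plus a plausible word, before or after the name
        for cand in (f"{name}-{word}", f"{name}{word}", f"{word}{name}"):
            out.setdefault(cand + "." + tld, "addition")
    for other in TLDS:
        # Different TLDs: same name under another suffix
        if other != tld:
            out.setdefault(name + "." + other, "tld-swap")
    out.pop(domain, None)  # never report the legitimate domain itself
    return out


if __name__ == "__main__":
    for cand, kind in sorted(variations("mybrand.com").items()):
        print(f"{kind:20} {cand}")
```

Each candidate would then go through the existence and content checks listed above; the script itself makes no network requests.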
Website Analysis
When we find a suspicious domain, we analyze:
| Check | What We Look For |
|---|---|
| Content similarity | Are they copying your text? |
| Logo comparison | Using your logo? |
| Product images | Stealing your photos? |
| SSL certificate | Recently registered? |
| WHOIS data | Privacy protected? New registration? |
Risk Scoring
Each domain gets a confidence score:
| Score | Meaning |
|---|---|
| 80-100% | Almost certainly phishing |
| 60-79% | Very suspicious |
| 40-59% | Worth investigating |
| Under 40% | Probably safe (different business) |
Viewing Phishing Threats
Phishing Detection Page
Shows all discovered domains:
- Domain name
- Confidence score
- Status (active, taken down, etc.)
- Screenshots when available
- Analysis details
Threat Actions
For each detected domain:
- View details - Full analysis
- Whitelist - Mark as legitimate (your partner, subsidiary, etc.)
- Initiate takedown - Start DMCA/abuse process
- Monitor - Keep watching without action
What To Do When You Find Phishing
Step 1: Verify It's Phishing
- Visit the suspicious site (carefully!)
- Confirm it's copying your store
- Check if it's taking payments
- Screenshot everything as evidence
Step 2: Protect Your Customers
- Post on social media warning customers
- Update your legitimate site with a notice
- Email your customer list if appropriate
Step 3: Take It Down
- Report to the domain registrar (abuse contact)
- Report to the hosting provider
- Report to Google Safe Browsing
- Use Store Shield's takedown feature (Enterprise)
Step 4: Monitor
- Keep checking if the site comes back
- Watch for new variations
- Set up alerts for new detections
Understanding False Positives
Sometimes legitimate sites are flagged:
Common False Positives
- Your other properties - Subsidiary or regional stores
- Authorized retailers - Shops selling your products
- Fan sites - Non-commercial tribute pages
- Parked domains - You own but haven't developed
Using the Whitelist
- Go to the detected domain
- Click Whitelist
- Add a note explaining why
- It won't be flagged again
Enabling Phishing Protection
Phishing protection requires a Pro plan or higher.
- Go to Phishing Detection in the sidebar
- Toggle Enable Phishing Scanning
- Verify your store domain is correct
- Click Save
Scans run daily automatically.
Scan Frequency
| Plan | Scan Frequency |
|---|---|
| Pro | Daily |
| Enterprise | Multiple times daily |
You can also trigger manual scans from the dashboard.
FAQ
Q: How many domain variations do you check?
A: We check thousands of variations including typos, additions, different TLDs, and lookalike characters.
Q: How long until phishing sites are found?
A: New domains are typically discovered within 24 hours of going live.
Q: Can you automatically take down phishing sites?
A: On Enterprise plans, we can initiate takedowns on your behalf. Otherwise, we provide instructions.
Q: What if the phishing site is on a foreign host?
A: Takedowns are harder but still possible. We provide guidance for different jurisdictions.
Q: Do you alert my customers?
A: No, that's your choice. We alert you so you can decide how to communicate with your customers.
Q: How often should I check phishing reports?
A: We recommend checking weekly, or set up email alerts for new high-confidence detections.